Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Tomcat misconfigured due to requests for special characters (2018)

brianchew
brianchew
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 22, 2018 edited

Hello all, super new to Jira and tomcat, but I managed to follow a guide and quickly install SSL, the redirect works, but after following the documentation to add these

Add relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>" to the connector properties in server.xml

It seems like my Jira software is still telling me what the picture says

Screenshot 2018-12-22 at 10.09.31 PM.png

Do take note I am self-hosting, provided I have listed the logs from catalina.out, and my server.xml configuration files.

/opt/atlassian/jira/logs/catalina.out

2018-12-22 14:01:10,680 JIRA-Bootstrap ERROR      [c.a.j.health.checks.TomcatConfigurationHealthCheck]

    Required path chars: [ ] |

    Configured path chars: null []|

    Required query chars: [ ] | { } ^ \ ` " < >

    Configured query chars: null []|{}^\`"<>

 

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.health.HealthChecks] Tomcat is misconfigured

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.health.HealthChecks] The server.xml file is missing parameters needed by Jira to handle requests that contain special characters.

 

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.startup.DefaultJiraLauncher] JIRA has failed to start because of the following errors: [(Event: Level = (EventLevel: error) , Key = (EventType:$

/opt/atlassian/jira/conf/sever.xml (my <Connector> sections)

 

 

        <Connector port="8080" 

                relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"

                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"

                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"

                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>

 

        <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"

                maxHttpHeaderSize="8192" SSLEnabled="true"

                maxThreads="150" minSpareThreads="25"

                enableLookups="false" disableUploadTimeout="true"

                acceptCount="100" scheme="https" secure="true"

                sslEnabledProtocols="TLSv1.2,TLSv1.3"

                clientAuth="false" useBodyEncodingForURI="true"

                keyAlias="jira" keystoreFile="/usr/lib/jvm/java-11-openjdk-amd64/jira.jks"

                keystorePass="" keystoreType="JKS"/>

 I would greatly appreciate any help!

Answer
Watch
Like Be the first to like this
12450 views

1 answer

1 accepted

1 vote
Answer accepted
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 3, 2019

Hi Brian,

You need to do this for any connectors your instance is using, so both HTTP and HTTPS.

Can you stop Jira, add it to 8443 as well, and restart?

Regards,

Shannon

View More Comments
brianchew
brianchew
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 5, 2019

Hey Shannon,

I managed to add this after I added the connectors for the instance.
It works and I forgot to update the answer.

 

Thank you!

Like
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2019

You're welcome! Glad to hear that's exactly what it was!

Regards,

Shannon

Like
Shirley Tsai
Shirley Tsai
Contributor
March 19, 2019

Great!! It also works for me.  Thank you.

Like Shannon S likes this
Amar
Amar January 8, 2020

@brianchew  

I am facing some issue , could you please share the latest server.xml view after adding connector ?

 

Thanks,

Like
Jy
Jy June 24, 2020 edited

still facing some issue by following , tried this in https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html

what's the diff between HTTP/1.1 and protocol org.apache.coyote.http11.Http11NioProtocol



<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" 
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>


<Connector port="8443" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" 
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" 
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>


<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
              maxHttpHeaderSize="8192" SSLEnabled="true"
              maxThreads="150" minSpareThreads="25"
              enableLookups="false" disableUploadTimeout="true"
              acceptCount="100" scheme="https" secure="true"
              sslEnabledProtocols="TLSv1.2,TLSv1.3"
              clientAuth="false" useBodyEncodingForURI="true"
              keyAlias="jira" keystoreFile="<Jira_HOME>/jira.jks" keystorePass="changeit" keystoreType="JKS"/>

 

Like
allant
allant
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 7, 2020 edited

this config I used and its working:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keyAlias="jira" keystoreFile="path to *.jks" keystorePass="1" keystoreType="JKS" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS" useBodyEncodingForURI="true" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" />

Add relaxedPathChars and relaxedQueryChars in SSL connector also. If both HTTP and HTTPS are enabled.

Base  from https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html these relaxedPathChars and relaxedQueryChars settings are missing. 

Then restart Jira service.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Upcoming Jira Events