It returns "http://my.jira.dom" when I use $action.getBaseUrl() in the Velocity template. Wrong url from the template is used in a Ajax request which causes the following error:
SEC7111: [Mixed-Content] The origin 'https://my.jira.dom' was loaded in a secure context but tried to load an insecure resource at 'http://my.jira.dom/rest/whatever'.
JIRA is accessed via https.
What might be wrong?
BTW AJS.contextPath() in js resource returns a correct url, which uses https.
Hi Dmirtril,
I understand you are seeing this mixed-content error message in Jira. The nature of this message indicates that there is likely somewhere within Jira that is not yet configured to use HTTPS here.
my.jira.dom
address.The lack of these parameters could cause this mixed content error. Essentially Jira's Tomcat is not aware that end users are using HTTPS here, and we need to update that connector, save that file, and restart Jira for this to work correctly.
I would expect you to have a connector that has these parameters:
scheme="https" proxyName="my.jira.dom" proxyPort="443"
Try adding this to the connector. This detail is explained in the documentation we have on Integrating Jira with Apache using SSL. I'm not sure if you're using an Apache proxy with Jira here, some other proxy, or even just natively using SSL directly in Tomcat. If you're using a proxy, you'll likely need all three of these. But if you're terminating SSL in Tomcat, you will at least need that scheme parameter on the connector here.
If you have more than one <Connector> tag in that file, let me know, you can share them here and perhaps I can offer some more specific advice as to how you could configure this to avoid this error.
Andy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.