Incorrect HTTP(S) clone URL

Hello.

I've installed Atlassian Stash and set up Nginx in front with SSL. Stash runs great behind this proxy, but one problem I am having is that the clone URL is still using HTTP, and HTTP is stated in the dropdown.

I have changed the base URL of Stash so that it is using HTTPS but it has had no effect on the clone URL. I am rewriting all HTTP requests to HTTPS via Nginx, but it is confusing our users that the dropdown still says HTTP.

Is there anything I can do about this other than to configure Stash itself to run on HTTPS?

Here's the nginx config:

upstream stash {
        server stash-srv:7990;
}

server {
        listen 80;
        server_name stash.example.com;

        location / {
                rewrite ^ https://stash.example.com$request_uri? permanent;
        }
}

server {
        listen 443;
        server_name stash.example.com;

        ssl on;
        ssl_certificate xxx;
        ssl_certificate_key xxx;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;

        location / {
                proxy_pass http://stash;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-for $remote_addr;
                proxy_set_header X-Forwarded-Proto https;
                proxy_next_upstream error;
                proxy_redirect http://stash.example.com/ https://stash.example.com/;
        }
}

4 answers

1 accepted

I managed to fix this issue by replicating what I had to do to solve gadget issues with SSL proxying in JIRA.

Add the following to the Connector in conf/server.xml:

scheme="https"
proxyName="your.domain.com"
proxyPort="443"

The dropdown still says HTTP, but the URL has https in it now so I guess that's intended.

I updated my answer with my nginx config. I've included the lines from the article you are linking to and I still have the same problem unfortunately.

I have the same issue but then with apache as the proxy.. So I guess it's an stash thing. I use stash 1.2.0..

Here is config from working nginx with no problems on HTTPS:
server {
listen 80;

    location / {
        return 302 https://$hostname$request_uri;
    }
}

server {
    listen 443 ssl;

    ssl on;
    ssl_certificate /etc/nginx/ssl/stash.crt;
    ssl_certificate_key /etc/nginx/ssl/stash.key;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 SSLv3;
    ssl_ciphers !aNULL:!LOW:!MD5:!EXP:RC4:CAMELLIA:AES128:3DES:SEED:AES256;

    client_header_timeout  10m;
    client_body_timeout    10m;
    client_max_body_size   1g;
    send_timeout           10m;

    location / {
        proxy_pass http://127.0.0.1:7990;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_read_timeout  900;
    }
}

If you not specified timeouts, then you can get errors on long pushes. Also, nginx must always redirect to HTTPS, not forward it into Tomcat, cos it always will show user login page.

For tomcat you should use port forwarding in server.xml:

redirectPort="443"
            secure="true"
            scheme="https"
            proxyPort="443" />

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Thursday in Off-topic

Friday Fun: Magic Eyes

...staring into the background. Once the image pops out in 3D, you can look around the picture and enjoy. If you will see if you are a true illusion master! :) You did it? :) Wow! Awesome! As a bonus...

461 views 83 11
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you