[英]Jira behind Apache https proxy redirect
I have a jira server setup using tomcat and apache. 我有一个使用tomcat和apache的jira服务器设置。 When I type in the url jira.example.com it brings me to https://jira.example.com//secure/Dashboard.jspa and I get dashboard errors because of the url.
当我输入URL jira.example.com时,它带我到https://jira.example.com//secure/Dashboard.jspa ,由于URL而导致仪表板错误。 If I type in jira.example.com:8080 it brings me to the correct url.
如果我输入jira.example.com:8080,它将带我到正确的网址。 http://jira.example.com:8080/secure/Dashboard.jspa Any ideas where the issue might be?
http://jira.example.com:8080/secure/Dashboard.jspa可能存在问题的任何想法?
<IfModule mod_proxy.c>
ProxyRequests On
<VirtualHost *:80>
ServerName jira.example.com
ServerAlias jira jira.c11.example.com
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyTimeout 60
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]
ErrorLog /var/log/httpd/jira.example.com-error_log
CustomLog /var/log/httpd/jira.example.com-access_log combined
</VirtualHost>
<VirtualHost *:443>
ServerName jira.example.com
ServerAlias jira jira.c11.example.com
ServerSignature On
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/star.example.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/star.example.com.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/thawte_chain_bundle.crt
SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown
ErrorLog /var/log/httpd/ssl-jira.example.com-error_log
CustomLog /var/log/httpd/ssl-jira.example.com-access_log combined
SSLProxyEngine on
<Proxy *>
Order deny,allow
Allow from all
#Allow from .your_domain.com
</Proxy>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
In your primary virtualhost you have a rewrite condition to redirect non ssl traffic to https: 在主虚拟主机中,您具有重写条件,可将非SSL流量重定向到https:
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]
Removing this would remove the redirect. 删除此选项将删除重定向。
I was facing this issue moments ago. 我刚才遇到了这个问题。
The base url was set properly in Jira but I still had the message about it being not the same than the one used to access the interface. 基本网址已在Jira中正确设置,但我仍然收到有关该网址与用于访问界面的网址不同的消息。
The problem was that I did not set a Tomcat connector with the proxy parameters. 问题是我没有使用代理参数设置Tomcat连接器。 Adding the following connector solved my problem (with a jira restart of course)
添加以下连接器解决了我的问题(当然,通过吉拉重启)
<Connector acceptCount="100" connectionTimeout="20000"
disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" port="8081" protocol="HTTP/1.1"
redirectPort="8443" useBodyEncodingForURI="true"
<!-- This is the important part -->
proxyName="jira.mybuisness.com" proxyPort="443" scheme="https"/>
This is the very only modification made to Jira's installation, all the other config related to the https proxy is handled by apache. 这是对Jira的安装所做的唯一修改,与https代理相关的所有其他配置均由apache处理。
Here is the relevant apache config with mod_ssl
mod_proxy
mod_proxy_http
and mod_proxy_connect
enabled. 这是启用了
mod_ssl
mod_proxy
mod_proxy_http
和mod_proxy_connect
的相关Apache配置。
<VirtualHost 192.168.5.143:443>
ServerName https://jira.mybuisness.com
# SSLEngine is not specified in jira's documentation but was necessary for me
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /path/to/my/certificate/cacert_https.pem
SSLCertificateKeyFile /path/to/private/privkey_https.pem
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://myjiraserver:8081/
ProxyPassReverse / http://myjiraserver:8081/
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorLog "logs/jira-error.log"
CustomLog "logs/jira-access.log" common
</VirtualHost>
<VirtualHost 192.168.5.143:80>
ErrorLog "logs/jira-error.log"
CustomLog "logs/jira-access.log" common
ServerName superjiratest.mybuisness.com
Redirect permanent / https://jira.mybuisness.com/
</VirtualHost>
I was using self-signed keys as this was a test setup but it's pretty much the same with validated paid keys. 我使用的是自签名密钥,因为这是一个测试设置,但与经过验证的付费密钥几乎相同。
I hope this will help someone, I lost quite a lot of time on that. 我希望这会对某人有所帮助,我为此花费了很多时间。 I guess that OP already found a solution after almost a year.
我想OP将近一年后就找到了解决方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.