Apache反向代理后面具有SSL的JIRA服务器不起作用
[英]JIRA Server with SSL Behind Apache Reverse Proxy Not Working
问题描述
I'm trying to get JIRA setup behind an Apache reverse proxy where the connection to Apache is via SSL and then the connection between Apache and JIRA is http. 
我正在尝试在Apache反向代理后面进行JIRA设置,在该代理中,通过SSL到Apache的连接是通过Apache,然后在Apache和JIRA之间的连接是http。
ie Internet/Network <=https=> Apache <=http=> JIRASERVER 即Internet /网络<= https => Apache <= http => JIRASERVER
I'm using a self certified certificate created as described here Both Apache and JIRA are running on the same Windows 2008 R2 server. 我正在使用按此处所述创建的自认证证书Apache和JIRA都在同一Windows 2008 R2服务器上运行。 I've followed the instructions from Atlassian but it just doesn't seem to work, I've been looking around all over the Internet and not found a solution for my issue. 我遵循了Atlassian的指示,但似乎没有用,我一直在Internet上四处张望,找不到解决我问题的方法。
I can setup Apache without SSL and that seems to work fine 我可以在没有SSL的情况下安装Apache,这似乎可以正常工作
Config 1 配置1
Internet/Network <=http=> Apache <=http=> JIRASERVER 互联网/网络<= http => Apache <= http => JIRASERVER
JIRA Setup Files JIRA安装文件
server.xml server.xml
<Service name="Catalina">
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true"
enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25"
port="8080" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"
proxyName="JIRASERVERNAME" proxyPort="80"/>
Apache Setup File Apache安装文件
httpd.conf httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
ServerName JIRASERVERNAME
Include conf/extra/httpd-vhosts.conf
httpd-vhosts.conf httpd-vhosts.conf
<VirtualHost *>
ServerName JIRASERVERNAME
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://JIRASERVERNAME:8080/
ProxyPassReverse / http://JIRASERVERNAME:8080/
</VirtualHost>
Type JIRASERVERNAME in a browser URL directs to JIRASERVERNAME/secure/Dashboard.jspa and works fine. 在浏览器URL中键入JIRASERVERNAME指向JIRASERVERNAME / secure / Dashboard.jspa,并且运行正常。
Config 2 配置2
However when I try and enable the SSL by changing the files as shown below (ie remove the setup for non-SSL and just use SSL) I get no response and am confused as to what's wrong. 但是,当我尝试通过如下所示更改文件来启用SSL(即,删除非SSL的设置并仅使用SSL)时,我没有任何响应,并且对错误之处感到困惑。
JIRA Setup Files JIRA安装文件
server.xml server.xml
<Service name="Catalina">
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false"
maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080"
protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"
scheme="https" proxyName="JIRASERVERNAME" proxyPort="443" secure="true"/>
Apache Setup Files Apache安装文件
httpd.conf httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so
ServerName JIRASERVERNAME
Include conf/extra/httpd-vhosts.conf
httpd-vhosts.conf httpd-vhosts.conf
<VirtualHost *:443>
ServerName JIRASERVERNAME
SSLEngine On
SSLCertificateFile "C:\Program Files\Atlassian\JIRA\jre\server.crt"
SSLCertificateKeyFile "C:\Program Files\Atlassian\JIRA\jre\server.key"
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://JIRASERVERNAME:8080/
ProxyPassReverse / http://JIRASERVERNAME:8080/
</VirtualHost>
<VirtualHost *:80>
ServerName JIRASERVERNAME
Redirect / https://JIRASERVERNAME/
</VirtualHost>
Typing in JIRASERVERNAME redirects to the secure URL https://JIRASERVERNAME But I get the response in Chrome "This web page is not available" Can anyone help point out what I've done wrong please, I'd be very grateful 在JIRASERVERNAME中输入内容会重定向到安全URL https://JIRASERVERNAME但我在Chrome中收到响应“此网页不可用”,有人可以帮助指出我做错了吗,我将不胜感激
1 个解决方案
解决方案1
1 已采纳 2014-04-01 08:00:25
I got it working, it was mainly because Apache wasn't listening on port 443, and I fixed this by including httpd-ssl.conf and then defining my VirtualHost in there. 我知道它能正常工作,主要是因为Apache不在端口443上监听,我通过包含httpd-ssl.conf并在其中定义了VirtualHost来解决此问题。
So this is what I've ended up with 这就是我最终得到的
JIRA Setup Files JIRA安装文件
server.xml server.xml
<Service name="Catalina">
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false"
maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080"
protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"
scheme="https" proxyName="JIRASERVERNAME" proxyPort="443" secure="true"/>
Apache Setup File
httpd.conf httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so
ServerName JIRASERVERNAME
Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf
httpd-vhosts.conf httpd-vhosts.conf
<VirtualHost *:80>
ServerName JIRASERVERNAME
Redirect / https://JIRASERVERNAME/
</VirtualHost>
httpd-ssl.conf httpd-ssl.conf
Listen 443 #This was already defined in here
<VirtualHost *:443>
ServerName JIRASERVERNAME
SSLEngine On
SSLCertificateFile "C:\Program Files\Atlassian\JIRA\jre\server.crt"
SSLCertificateKeyFile "C:\Program Files\Atlassian\JIRA\jre\server.key"
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://JIRASERVERNAME:8080/
ProxyPassReverse / http://JIRASERVERNAME:8080/
</VirtualHost>
I also commented out any lines that were superseded by my VirtualHost config. 我还注释掉了VirtualHost配置所取代的所有行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.