Apache HTTPS代理重定向背后的Jira

Question

我有一个使用tomcat和apache的jira服务器设置。 当我输入URL jira.example.com时，它带我到https://jira.example.com//secure/Dashboard.jspa ，由于URL而导致仪表板错误。 如果我输入jira.example.com:8080，它将带我到正确的网址。 http://jira.example.com:8080/secure/Dashboard.jspa可能存在问题的任何想法？

<IfModule mod_proxy.c>
ProxyRequests On

<VirtualHost *:80>
        ServerName jira.example.com
        ServerAlias jira jira.c11.example.com
        ProxyPreserveHost On
        ProxyRequests Off
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        ProxyTimeout 60
        RewriteEngine On
        RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]
        ErrorLog /var/log/httpd/jira.example.com-error_log
        CustomLog /var/log/httpd/jira.example.com-access_log combined
</VirtualHost>

<VirtualHost *:443>
   ServerName jira.example.com
   ServerAlias jira jira.c11.example.com
     ServerSignature On
     SSLEngine on
     SSLCertificateFile    /etc/httpd/conf/ssl.crt/star.example.com.crt
     SSLCertificateKeyFile /etc/httpd/conf/ssl.key/star.example.com.key
     SSLCertificateChainFile /etc/httpd/conf/ssl.crt/thawte_chain_bundle.crt
     SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown
    ErrorLog /var/log/httpd/ssl-jira.example.com-error_log
    CustomLog /var/log/httpd/ssl-jira.example.com-access_log combined
    SSLProxyEngine on
    <Proxy *>
            Order deny,allow
            Allow from all
            #Allow from .your_domain.com
    </Proxy>

    ProxyRequests       Off
    ProxyPreserveHost   On


ProxyPass              /       http://localhost:8080/
ProxyPassReverse       /       http://localhost:8080/

Answer 1

在主虚拟主机中，您具有重写条件，可将非SSL流量重定向到https：

RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]

删除此选项将删除重定向。

Answer 2

我刚才遇到了这个问题。

基本网址已在Jira中正确设置，但我仍然收到有关该网址与用于访问界面的网址不同的消息。

问题是我没有使用代理参数设置Tomcat连接器。 添加以下连接器解决了我的问题（当然，通过吉拉重启）

<Connector acceptCount="100" connectionTimeout="20000" 
   disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" 
   maxThreads="150" minSpareThreads="25"    port="8081" protocol="HTTP/1.1" 
   redirectPort="8443" useBodyEncodingForURI="true"

   <!-- This is the important part -->
   proxyName="jira.mybuisness.com" proxyPort="443" scheme="https"/>

这是对Jira的安装所做的唯一修改，与https代理相关的所有其他配置均由apache处理。

---

这是启用了mod_ssl mod_proxy mod_proxy_http和mod_proxy_connect的相关Apache配置。

<VirtualHost 192.168.5.143:443>
    ServerName          https://jira.mybuisness.com

    # SSLEngine is not specified in jira's documentation but was necessary for me
    SSLEngine               On
    SSLProxyEngine          On
    SSLCertificateFile      /path/to/my/certificate/cacert_https.pem
    SSLCertificateKeyFile   /path/to/private/privkey_https.pem

    ProxyRequests           Off
    ProxyPreserveHost       On
    ProxyPass               /       http://myjiraserver:8081/
    ProxyPassReverse        /       http://myjiraserver:8081/

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ErrorLog "logs/jira-error.log"
    CustomLog "logs/jira-access.log" common
</VirtualHost>

<VirtualHost 192.168.5.143:80>  
    ErrorLog "logs/jira-error.log"
    CustomLog "logs/jira-access.log" common

    ServerName          superjiratest.mybuisness.com
    Redirect permanent  /   https://jira.mybuisness.com/
</VirtualHost>

我使用的是自签名密钥，因为这是一个测试设置，但与经过验证的付费密钥几乎相同。

我希望这会对某人有所帮助，我为此花费了很多时间。 我想OP将近一年后就找到了解决方案。