Apache HTTPS代理重定向背后的Jira

Question

我有一個使用tomcat和apache的jira服務器設置。 當我輸入URL jira.example.com時，它帶我到https://jira.example.com//secure/Dashboard.jspa ，由於URL而導致儀表板錯誤。 如果我輸入jira.example.com:8080，它將帶我到正確的網址。 http://jira.example.com:8080/secure/Dashboard.jspa可能存在問題的任何想法？

<IfModule mod_proxy.c>
ProxyRequests On

<VirtualHost *:80>
        ServerName jira.example.com
        ServerAlias jira jira.c11.example.com
        ProxyPreserveHost On
        ProxyRequests Off
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        ProxyTimeout 60
        RewriteEngine On
        RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]
        ErrorLog /var/log/httpd/jira.example.com-error_log
        CustomLog /var/log/httpd/jira.example.com-access_log combined
</VirtualHost>

<VirtualHost *:443>
   ServerName jira.example.com
   ServerAlias jira jira.c11.example.com
     ServerSignature On
     SSLEngine on
     SSLCertificateFile    /etc/httpd/conf/ssl.crt/star.example.com.crt
     SSLCertificateKeyFile /etc/httpd/conf/ssl.key/star.example.com.key
     SSLCertificateChainFile /etc/httpd/conf/ssl.crt/thawte_chain_bundle.crt
     SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown
    ErrorLog /var/log/httpd/ssl-jira.example.com-error_log
    CustomLog /var/log/httpd/ssl-jira.example.com-access_log combined
    SSLProxyEngine on
    <Proxy *>
            Order deny,allow
            Allow from all
            #Allow from .your_domain.com
    </Proxy>

    ProxyRequests       Off
    ProxyPreserveHost   On


ProxyPass              /       http://localhost:8080/
ProxyPassReverse       /       http://localhost:8080/

Answer 1

在主虛擬主機中，您具有重寫條件，可將非SSL流量重定向到https：

RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https://jira.example.com/$1 [R,L]

刪除此選項將刪除重定向。

Answer 2

我剛才遇到了這個問題。

基本網址已在Jira中正確設置，但我仍然收到有關該網址與用於訪問界面的網址不同的消息。

問題是我沒有使用代理參數設置Tomcat連接器。 添加以下連接器解決了我的問題（當然，通過吉拉重啟）

<Connector acceptCount="100" connectionTimeout="20000" 
   disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" 
   maxThreads="150" minSpareThreads="25"    port="8081" protocol="HTTP/1.1" 
   redirectPort="8443" useBodyEncodingForURI="true"

   <!-- This is the important part -->
   proxyName="jira.mybuisness.com" proxyPort="443" scheme="https"/>

這是對Jira的安裝所做的唯一修改，與https代理相關的所有其他配置均由apache處理。

---

這是啟用了mod_ssl mod_proxy mod_proxy_http和mod_proxy_connect的相關Apache配置。

<VirtualHost 192.168.5.143:443>
    ServerName          https://jira.mybuisness.com

    # SSLEngine is not specified in jira's documentation but was necessary for me
    SSLEngine               On
    SSLProxyEngine          On
    SSLCertificateFile      /path/to/my/certificate/cacert_https.pem
    SSLCertificateKeyFile   /path/to/private/privkey_https.pem

    ProxyRequests           Off
    ProxyPreserveHost       On
    ProxyPass               /       http://myjiraserver:8081/
    ProxyPassReverse        /       http://myjiraserver:8081/

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ErrorLog "logs/jira-error.log"
    CustomLog "logs/jira-access.log" common
</VirtualHost>

<VirtualHost 192.168.5.143:80>  
    ErrorLog "logs/jira-error.log"
    CustomLog "logs/jira-access.log" common

    ServerName          superjiratest.mybuisness.com
    Redirect permanent  /   https://jira.mybuisness.com/
</VirtualHost>

我使用的是自簽名密鑰，因為這是一個測試設置，但與經過驗證的付費密鑰幾乎相同。

我希望這會對某人有所幫助，我為此花費了很多時間。 我想OP將近一年后就找到了解決方案。