ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    jira + nginx - can't login via https

    Scheduled Pinned Locked Moved IT Discussion
    5 Posts 3 Posters 276 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      emoxam
      last edited by

      I'm trying to setup jira server via nginx proxy.
      made a A dns record for it, made an port forwarding to NGINX (with certbot installed),
      at nginx i got this jira.blabla.com. conf config

      [server {
server_name jira.blabla.com;

location / {
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass  http://172.16.1.19:8080;
}

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/jira.blabla.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/jira.blabla.com/privkey.pem; # managed by Certbot
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}

server {
listen 80;
server_name jira.blabla.com;
return 301 https://$server_name$request_uri;]

      /opt/atlassian/jira/conf/server.xml

      <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="jira.blabla.com" proxyPort="443"/>

      old one is commented

      <!--
<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>
-->

      i opening https://jira.blabla.com
      and i can't login with no error
      with the sane credentials i can login at http://jira.blabla.lan:8080/

      1 JaredBuschJ 2 Replies Last reply Reply Quote 0
      • 1
        1337 @emoxam
        last edited by

        @emoxam said in jira + nginx - can't login via https:

        I'm trying to setup jira server via nginx proxy.
        made a A dns record for it, made an port forwarding to NGINX (with certbot installed),
        at nginx i got this jira.blabla.com. conf config

        [server {
server_name jira.blabla.com;

location / {
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass  http://172.16.1.19:8080;
}

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/jira.blabla.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/jira.blabla.com/privkey.pem; # managed by Certbot
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}

server {
listen 80;
server_name jira.blabla.com;
return 301 https://$server_name$request_uri;]

        /opt/atlassian/jira/conf/server.xml

        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="jira.blabla.com" proxyPort="443"/>

        old one is commented

        <!--
<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>
-->

        i opening https://jira.blabla.com
        and i can't login with no error
        with the sane credentials i can login at http://jira.blabla.lan:8080/

        You're using https but you don't have any information for proxying tcp 443 assigned in the nginx config.

        JaredBuschJ 1 Reply Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch @1337
          last edited by

          @pete-s said in jira + nginx - can't login via https:

          You're using https but you don't have any information for proxying tcp 443 assigned in the nginx config.

          It is, you even quoted it

          1 1 Reply Last reply Reply Quote 0
          • JaredBuschJ
            JaredBusch @emoxam
            last edited by

            @emoxam said in jira + nginx - can't login via https:

            secure="true" scheme="https"
            proxyName="jira.blabla.com" proxyPort="443"/>

            Are you sure this part is right for enabling Jira behind a proxy?

            1 Reply Last reply Reply Quote 0
            • 1
              1337 @JaredBusch
              last edited by 1337

              @jaredbusch said in jira + nginx - can't login via https:

              @pete-s said in jira + nginx - can't login via https:

              You're using https but you don't have any information for proxying tcp 443 assigned in the nginx config.

              It is, you even quoted it

              My bad. I thought his internal server running jira was setup to use https (self-signed certificate) on port 8443 (with redirect on 8080).

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              • First post
                Last post