Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Base URL Redirect after SSL implementation

Tim Finch
Tim Finch
Contributor
September 22, 2022

Hi :)

I am working with a client, we have introduced certificates for SSL, and they also want a Base URL change. (This is on Jira Server running on Windows Server)

 

Sounds simple... but...

 

Current Base url is <URL>:8080
We have implemented the SSL and changed the base url to just <URL>:8443 - that worked.

I have now changed the base url to just <URL> (no port) and that is working (however I had to use 443 rather than 8443. The client does not use, and does not want to use, a reverse proxy. hence 443 rather than 8443 to get the portless url to work

The outstanding issue I have is that the redirect from <URL>:8080 to new <URL> does not work.

I have the following in the server.xml


<Connector port="8080" redirectPort="443" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxHttpHeaderSize="8192" SSLEnabled="true" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150" minSpareThreads="25"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2,TLSv1.3"
clientAuth="false" useBodyEncodingForURI="true"
keyAlias="lse-jira-uat.numiscorp.com" keystoreFile="C:\\Program Files\\Atlassian\\Application Data\\JIRA\\lse-jira-uat.jks" keystorePass="REMOVED" keystoreType="JKS"/>

I also have atlassians recommended settings in the web.xml.


so if I am on the server and go to localhost:8080 the redirect to the new URL works.

However if I use <URL>:8080 from anywhere else the redirect fails and I get a deadlink rather than a redirect.

Am I missing a setting anywhere to get the redirect to work?

As a side note, I have done the same on Confluence and the redirect works. So not sure why Jira does not.

Any help appreciated.

Answer
Watch
Like Be the first to like this
706 views

1 answer

0 votes
Dave Theodore [Coyote Creek Consulting]
Dave Theodore [Coyote Creek Consulting]
Community Champion
September 22, 2022

I would not recommend doing this in Tomcat.  In order to bind to port 443, Tomcat will need to run as administrator, which is a big no no from a security perspective.  You would be better off installing a reverse proxy (IIS, apache, etc,) configure SSL there and let it hand the privilege separation for you so you can run Tomcat as an unprivileged user. Atlassian has guides for common reverse proxy technologies.

Apache

NGINX

IIS

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security