I would warmly recommend terminating SSL at Apache and running only plain HTTP on the application server, forwarding both the SSL and the non-SSL side to the internal non-SSL port like this:
# Port 80: its only job is to send every request to the canonical HTTPS name.
# The RewriteRule fires first, so the ProxyPass lines in this vhost are never
# reached; they are harmless but dead configuration.
<VirtualHost *:80>
    ServerName jira.our.fqdn.goes.here
    ServerAlias jira jira.our.external.domain.com
    <Directory />
        AllowOverride None
        # Apache 2.2 access syntax; on 2.4 use "Require all granted" instead
        Order allow,deny
        allow from all
    </Directory>
    RewriteEngine On
    # 301 rather than the default 302 so clients and caches remember the redirect
    RewriteRule ^/(.*)$ https://jira.our.fqdn.goes.here%{REQUEST_URI} [R=301,L]
    ProxyPass / http://jira.our.fqdn.goes.here:8081/
    ProxyPassReverse / http://jira.our.fqdn.goes.here:8081/
</VirtualHost>

# Port 443: TLS terminates here; Tomcat behind it speaks plain HTTP on 8081.
<VirtualHost *:443>
    ServerName jira.our.fqdn.goes.here
    ServerAlias jira jira.our.external.domain.com
    # Requests for an alias (short name, external name) are redirected to the
    # FQDN the certificate is issued for; the anchored regex also accepts a port.
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^jira\.our\.fqdn\.goes\.here(:[0-9]+)?$ [NC]
    RewriteRule ^/(.*)$ https://jira.our.fqdn.goes.here%{REQUEST_URI} [R=301,L]
    # Reverse proxy only; "ProxyRequests On" would make this an open forward proxy.
    ProxyRequests Off
    # Pass the public Host header through. Tomcat still needs proxyName/proxyPort,
    # scheme="https" and secure="true" on its connector so JIRA builds https links.
    ProxyPreserveHost On
    ProxyPass / http://jira.our.fqdn.goes.here:8081/
    ProxyPassReverse / http://jira.our.fqdn.goes.here:8081/
    ErrorLog /var/log/httpd/jira_ssl_error_log
    MaxKeepAliveRequests 500
    KeepAlive On
    SSLEngine on
    # Do not use legacy strings of the form "ALL:...:+LOW:+SSLv2:+EXP:+eNULL":
    # they switch SSLv2, export-grade, LOW and NULL-encryption suites back on.
    # Disable the dead protocols and keep only strong, authenticated suites
    # (on Apache 2.4 with a current OpenSSL also add -TLSv1 -TLSv1.1).
    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    SSLCipherSuite HIGH:!aNULL:!eNULL:!EXPORT:!RC4:!MD5
    # httpd reads the key as root before dropping privileges; keep it mode 0600.
    SSLCertificateFile /root/shared.cer
    SSLCertificateKeyFile /root/shared.key
    # The SSLProxy* directives only apply when the backend itself speaks TLS;
    # with an http:// backend they are inert and can be removed.
    SSLProxyEngine on
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
</VirtualHost>
The reason you see a shared key is that we use SSL certs configured with alt_names, allowing several Tomcat applications to be hosted on the same server.
In server.xml you would only have one HTTP port, 8081 in this case.
Hi,
I am getting this error in error_log:
[Wed Jan 25 06:49:40.735436 2017] [suexec:notice] [pid 11229] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jan 25 06:49:40.736348 2017] [ssl:warn] [pid 11229] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Wed Jan 25 06:49:40.749484 2017] [so:warn] [pid 11229] AH01574: module ssl_module is already loaded, skipping
[Wed Jan 25 06:49:40.750297 2017] [so:warn] [pid 11229] AH01574: module proxy_module is already loaded, skipping
[Wed Jan 25 06:49:40.750372 2017] [so:warn] [pid 11229] AH01574: module proxy_connect_module is already loaded, skipping
[Wed Jan 25 06:49:40.750388 2017] [so:warn] [pid 11229] AH01574: module proxy_http_module is already loaded, skipping
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
[Wed Jan 25 06:49:40.752510 2017] [mpm_prefork:alert] [pid 11229] no listening sockets available, shutting down
[Wed Jan 25 06:49:40.752515 2017] [:emerg] [pid 11229] AH00019: Unable to open logs, exiting
When I ran netstat, nothing was listening on port 443. Can you please tell me what else could be the reason?
Nikhil
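Two of the problems in this thread can be caught before httpd is ever started: a cipher string that switches dead suite families back on (the "+LOW:+SSLv2:+EXP:+eNULL" style in the config posted above), and the startup failure in the log just above. When AH00072 "could not bind to address 0.0.0.0:443" appears right after a run of AH01574 "module ... is already loaded" warnings, and nothing else is listening, the usual cause is a vhost file that re-declares Listen 443 and LoadModule lines the distribution's ssl.conf already provides; httpd tries to bind the port twice, fails, and exits, which is why netstat shows nothing. The script below is an added example, not code from either post; it scans a config tree for both conditions. The directory layout, file names and config snippets are constructed for the demo, the checker only reads *.conf files under the directory it is given (it does not follow Include directives), and paths are assumed to contain no whitespace.

```shell
#!/bin/sh
# Added example, not from the thread: static checks for an httpd config tree.
#   weak_cipher_tokens FILE   prints each SSLCipherSuite token that turns a
#                             broken family on (SSLv2/SSLv3, EXP/EXPORT, LOW,
#                             NULL, RC4, MD5); no output means clean.
#   duplicate_directives DIR  prints Listen ports and LoadModule names that occur
#                             more than once across *.conf files (a duplicate
#                             Listen is what produces AH00072 on a free port;
#                             a duplicate LoadModule is what AH01574 warns about).
#   check_tree DIR            succeeds only when both checks are clean.
# File names and snippets below are constructed for the demo.

weak_cipher_tokens() {
    # Take the argument of each SSLCipherSuite line, split on ':', drop tokens
    # that exclude a family (leading '!'), keep tokens naming a bad family.
    sed -n 's/^[[:space:]]*SSLCipherSuite[[:space:]][[:space:]]*//p' "$1" |
        tr ':' '\n' |
        sed 's/[[:space:]]*$//' |
        grep -v '^!' |
        grep -E 'SSLv2|SSLv3|EXP|LOW|eNULL|aNULL|RC4|MD5' || true
}

duplicate_directives() {
    # Listen: reduce "443", "0.0.0.0:443", "[::]:443" and "443 https" to the port.
    find "$1" -type f -name '*.conf' -exec \
        grep -hE '^[[:space:]]*Listen[[:space:]]' {} + |
        awk '{ sub(/.*:/, "", $2); print "Listen " $2 }' |
        sort | uniq -d
    # LoadModule: the module identifier is the second field.
    find "$1" -type f -name '*.conf' -exec \
        grep -hE '^[[:space:]]*LoadModule[[:space:]]' {} + |
        awk '{ print "LoadModule " $2 }' |
        sort | uniq -d
}

check_tree() {
    n=0
    for f in $(find "$1" -type f -name '*.conf'); do
        n=$((n + $(weak_cipher_tokens "$f" | wc -l | tr -d ' ')))
    done
    n=$((n + $(duplicate_directives "$1" | wc -l | tr -d ' ')))
    [ "$n" -eq 0 ]
}

# --- constructed sample trees (invented for the demo) ------------------------
DEMO=$(mktemp -d)
trap 'rm -rf "$DEMO"' EXIT
mkdir -p "$DEMO/bad/conf.d" "$DEMO/good"

# "bad": a pasted vhost file re-declares Listen 443 and two LoadModule lines
# that httpd.conf/ssl.conf already contain, and uses a legacy cipher string.
printf '%s\n' 'Listen 80' \
    'LoadModule proxy_module modules/mod_proxy.so' \
    'LoadModule proxy_http_module modules/mod_proxy_http.so' > "$DEMO/bad/httpd.conf"
printf '%s\n' 'Listen 443 https' \
    'LoadModule ssl_module modules/mod_ssl.so' > "$DEMO/bad/conf.d/ssl.conf"
printf '%s\n' 'Listen 0.0.0.0:443' \
    'LoadModule ssl_module modules/mod_ssl.so' \
    'LoadModule proxy_http_module modules/mod_proxy_http.so' \
    'SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL' \
    > "$DEMO/bad/conf.d/jira.conf"

# "good": every directive once, legacy protocols and cipher families excluded.
printf '%s\n' 'Listen 80' \
    'LoadModule proxy_module modules/mod_proxy.so' > "$DEMO/good/httpd.conf"
printf '%s\n' 'Listen 443 https' \
    'LoadModule ssl_module modules/mod_ssl.so' \
    'SSLProtocol all -SSLv2 -SSLv3' \
    'SSLHonorCipherOrder on' \
    'SSLCipherSuite HIGH:!aNULL:!eNULL:!EXPORT:!RC4:!MD5' > "$DEMO/good/ssl.conf"

for tree in bad good; do
    echo "== $tree =="
    for f in $(find "$DEMO/$tree" -type f -name '*.conf'); do
        weak_cipher_tokens "$f" | sed "s|^|weak cipher token in $f: |"
    done
    duplicate_directives "$DEMO/$tree" | sed 's/^/duplicate: /'
    if check_tree "$DEMO/$tree"; then
        echo "result: clean"
    else
        echo "result: fix before starting httpd"
    fi
done
```

Run it against a real tree with `check_tree /etc/httpd` (or wherever the distribution keeps its *.conf files) as a pre-start gate; a non-zero exit is the signal to look at the listed duplicates or tokens before touching the service. On the constructed "bad" tree it reports five weak tokens (RC4+RSA, +LOW, +SSLv2, +EXP, +eNULL) and three duplicates (Listen 443, proxy_http_module, ssl_module), matching the pattern of warnings in the log above.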
Hello Jonas,
Kindly help us in setting up HTTPS over a Webex or a call, as it is very critical now. We are planning an upgrade next month and we are running out of time.
Nikhil