Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Running JIRA over both HTTP and HTTPS

Tom Allen
Tom Allen July 26, 2017

Our JIRA 7.1.6 instance runs over HTTP within our firewall, as do our other Atlassian apps (Confluence, FishEye/Crucible, Crowd, Bamboo). We have several requests to open up the firewall to allow JIRA to integrate with a cloud-based app (the Aha! roadmap app). My question: Can we configure JIRA to run over HTTPS for users outside our firewall (i.e. cloud services such as Aha!), while still running JIRA over HTTP for our internal users and all of its integrations to our other internal apps?

Answer
Watch
Like Be the first to like this
2132 views

1 answer

0 votes
Daniel Eads {unmonitored account}
Daniel Eads {unmonitored account}
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 26, 2017

It's possible (you can set up two listeners for Tomcat in server.xml) but this will present some issues when JIRA is generating links - like sending email notifications. Whatever you set as the base URL (either http://jira.yourcompany.com or https://jira.yourcompany.com) is what JIRA is going to generate links for. The email links would then essentially be "broken" for people not on whichever end you configure as your base URL.

I would actually suggest going all HTTPS (even internally) and updating your base URL to https://. If you can set your SSL terminator (Apache or nginx) to use http2, you'll probably even see a performance bump over HTTP.

Atlassian provides some documentation for using Apache or nginx as a SSL terminator / reverse proxy.

View More Comments
Tom Allen
Tom Allen July 28, 2017

Thanks, Daniel. We have to conduct an analysis to scope the impact of switching to HTTPS by our internal users and integration points. For expediency, we may end up doing this in two phases (phase 1: supporting HTTP and HTTPS for JIRA only, HTTP elsewhere; then phase 2: all in on HTTPS, once we upgrade our existing Apache reverse proxy). 

I appreciate your insights and suggestions!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.