Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Setting up application links between 2 jira instances that are sitting behind a reverse proxy.

Bryan Karsh
Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 5, 2012

Hi,

I've got 2 instances of Jira running behind a reverse proxy -- https terminates at the proxy level:

https --> proxy --> http -->tomcat

When I try to create application links between the 2 jira instances, I get :

"Application 'foo' seems to be offline. Click Here to Relocate."

In the logs, I see:

Could not reach provider foo; it will be omitted from the stream. The connection will be retried in 5 minutes.

I had read some people mention that you need to import the ssl root cert into the java keystore. I imported the ssl root cert from the proxy server into the keystores of both my java instances. Restarted services... still experiencing the problem.

I also tried adding the the proxy ip and application server ip for the inbound application links.

Am I missing something here? Any tips would be great -- the stuff I've seen online seems fragmentary. Seems clear that the proxy is making it hard for the 2 instances to see each other...

Answer
Watch
Like Be the first to like this
1496 views

4 answers

1 accepted

0 votes
Answer accepted
Bryan Karsh
Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 11, 2012

To fix this, I ended up adding an entry to the /etc/hosts file on both tomcat boxes, so that the externally facing ip *name* resolved to the proxy's internal IP. That way, the tomcats could resolve the external ip name that was being passed through the reverse proxy.

Reply
0 votes
Jessica Mulein
Jessica Mulein June 6, 2013

I am also hitting this problem. I have confluence, stash, and jira all going through mod_proxy on apache and all 3 work individually and link but all think they're offline.

Reply
0 votes
Jimmy Shen
Jimmy Shen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 8, 2012

I also meet such problem. the single instance can be accessed through https, but the two instances can't connect via applicaiton links. and the self-signed certificate of two instances has been put in each keystore.

Reply
0 votes
Septa Cahyadiputra
Septa Cahyadiputra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 5, 2012

Hi Bryan,

Just narrowing down the issue, have you set the URL redirection for both instance on each instance server.xml as describe here. Application links need those configuration to be set to understand the proxy redirection.

Hope it helps.

Cheers,
Septa Cahyadiputra

View More Comments
Bryan Karsh
Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 6, 2012

Ijira connector:

 <Service name="Catalina">

        <Connector port="8080"

                   maxThreads="150"
                   minSpareThreads="25"
                   maxSpareThreads="75"
                   connectionTimeout="20000"

                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"
              secure="true" scheme="https" proxyName="server.foo.com" proxyPort="443"

/>


ijira context:

   <Engine name="Catalina" defaultHost="localhost">
            <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

                <Context path="/ijira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">


 



ejira connector:
  <Service name="Catalina">

        <Connector port="8080"

                   maxThreads="150"
                   minSpareThreads="25"
                   maxSpareThreads="75"
                   connectionTimeout="20000"

                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"
             secure="true" scheme="https" proxyName="monitor.qpass.com" proxyPort="443"
/>


ejira context:

 <Engine name="Catalina" defaultHost="localhost">
            <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

                <Context path="/ejira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">


The proxy works in terms of accessing/using either Jira instance -- but the application links don't work -- the jiras can't see
eachother.  

Any tips?
Like
Bryan Karsh
Bryan Karsh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 6, 2012 
Hi,

Here is some of my config info (obfuscated server names). As you can see, I am making use of mod_rewrite, 
and the 2 jira instances (ijira, ejira)  are just 2 subdomains:



<VirtualHost *:443>
  ServerName server.foo.com
  RewriteEngine on
#  RewriteRule ^/$              https://%{HTTP_HOST}/zabbix/                                    [R,L]
  RewriteRule ^/zabbix$         https://%{HTTP_HOST}/zabbix/                                    [R,L]
  RewriteRule ^/(zabbix/.*)$    http://foo-prod-foozbx.db.foo.net/$1?%{QUERY_STRING}        [P,L]
#  RewriteRule ^/(zabbix/.*)$   http://foo-prod-fooapp-4.bar1.foo.net/$1?%{QUERY_STRING}    [P,L]
  RewriteRule ^/(xy.*)$         http://foo-prod-fooapp-6.bar1.foo.net/$1?%{QUERY_STRING}    [P,L]
  RewriteRule ^/ijira$          https://%{HTTP_HOST}/ijira/                                     [R,L]
  RewriteRule ^/(ijir.*)$       http://jira-1.bar1.foo.net:8080/$1?%{QUERY_STRING}     [P,L]
  RewriteRule ^/ejira$          https://%{HTTP_HOST}/ejira/                                     [R,L]
  RewriteRule ^/(ejir.*)$       http://jira-2.bar1.foo.net:8080/$1?%{QUERY_STRING}     [P,L]
  RewriteRule ^                 /etc/httpd/conf.d/empty.html                                    [L]
</VirtualHost>




 


 
 


 


 


 


 


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Bryan Karsh  
 
 Bryan Karsh 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   November 16, 2012         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Hi,


Here's what I have in my apache (v2.2) vhosts:


NameVirtualHost *:80
&lt;VirtualHost *:80&gt;
  ServerName redirect.to.https.myserver.com
  RewriteEngine on
  # redirect requests with arguments with the arguments
  RewriteCond %{QUERY_STRING} !^$
  RewriteRule ^/(.*)$   https://%{HTTP_HOST}/$1?%{QUERY_STRING} [R,L]
  # all others redirect without the argument
  RewriteRule ^/(.*)$   https://%{HTTP_HOST}/$1                 [R,L]
&lt;/VirtualHost&gt;


&lt;VirtualHost *:443&gt;
  ServerName monitor.myserver.com
  RewriteEngine on
  RewriteRule ^/zabbix$         https://%{HTTP_HOST}/zabbix/                                    [R,L]
  RewriteRule ^/(zabbix/.*)$    http://myserver-prod-monzbx.db.myserver.net/$1?%{QUERY_STRING}        [P,L]
  RewriteRule ^/(xy.*)$         http://myserver-prod-monapp-6.sea1.myserver.net/$1?%{QUERY_STRING}    [P,L]
  RewriteRule ^/ejira$          http://%{HTTP_HOST}/ejira/                                     [R,L]
  RewriteRule ^/(ejir.*)$       http://jc-vmtomcat-2.sea1.myserver.net:8080/$1?%{QUERY_STRING}     [P,L]
  RewriteRule ^/ijira$          http://%{HTTP_HOST}/ijira/                                     [R,L]
  RewriteRule ^/(ijir.*)$       http://jc-vmtomcat-1.sea1.myserver.net:8080/$1?%{QUERY_STRING}     [P,L]
  RewriteRule ^                 /etc/httpd/conf.d/empty.html                                    [L]
&lt;/VirtualHost&gt;


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Bryan Karsh  
 
 Bryan Karsh 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   November 16, 2012         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
And here is what I have in tomcat server.xml

 &lt;Connector port="8080"

                   maxThreads="150"
                   minSpareThreads="25"
                   maxSpareThreads="75"
                   connectionTimeout="20000"

                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"
                   secure="true"
                   scheme="https"
                   proxyName="monitor.myserver.com"
                   proxyPort="443"

/&gt;


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Bryan Karsh  
 
 Bryan Karsh 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   November 16, 2012         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
To summarize:


1. reverse proxy is already serving some other apps -- I am adding 2 jira instances (ejira and ijira to it).


2. Above configuration allows me to access and use both instances of jira just fine.. however....


3. I am unable to create application links between the 2 jira instances.


I don't know if issue is that I am trying to use mod_rewrite instead of mod_proxy... etc. I need to use the mod_rewrite for the other apps that are already using the reverse proxy. I've read that mod_rewrite can overwrite mod_proxy... I'm wondering if this is some sort of collision?


 


Or, if I am overlooking something, that is entirely possible. I am kind of an apache noob.


 


Thanks for any help.. this has been stumping me for weeks!

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Bryan Karsh  
 
 Bryan Karsh 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   November 17, 2012         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
One additional question. Could this maybe be a firewall issue? I had a proxy working fine, (including application links), but once I moved to a proxy in the DMZ, I started having issues with the application links. Are there specific ports on the internal tomcat instances that host ejira and ijira that the proxy needs to be able to access? Looks like right now the proxy can talk to both jiras on 8080. Do I need 8443 as well?

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Bryan Karsh  
 
 Bryan Karsh 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   November 18, 2012         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Found something -- nslookup is showing me that the 2 tomcat hosts can't see eachother. Seems like this may be a DNS issue. Once I have the resolved, I will retest.


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              


    

      Reply
    

      
 
  
    
  




  




 
Suggest an answer
 
 Log in or Sign up to answer 
 
  
		
			

		
			

		
	
	


		

			

	
		
			
		
			
		
			

   
 Jira 
  
 Jira 
  
 
TAGS
   


		
			

		
			
  
 
 
 
 AUG Leaders 
 
 
 
Atlassian Community Events
 
 
 
 
 
     
     See all events 
     
     
     
    
  
		
	
	

    
		
    
	
    
		
    
			
    
	
		
			
    
	
    
		
    
			
    
	
		
			

     
     
     
     
      
     
     
     
      
     Community 
          
     
     
     
      
     Forums 
          
     FAQs Forums guidelines 
     
     
      
     Learning 
          
     About learning Resources 
     
     
      
     Events 
          
     
     
     
      
     Champions 
          
     
     
     
     
     
     Copyright © 2025 Atlassian 
     Privacy Policy Terms Security 
     
     
     
     
     
    
		
	
	

    
		
    
	
    

    
		
	
	

    
		
    
	
    

    
	

	
						
    
					
			
    								
		
    
	
    

				
			
		
    
	
    
	
	
	
	
	





    


    
 
     
     
     
     Welcome illustration 
     
     Welcome to the new Atlassian Community 
     
     Online forums and learning are now in one easy-to-use experience. 
     
     By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.