Confluence and JIRA with HTTPS
Thursday, September 1, 2011 at 9:11AM | Chris Astall So I wanted to get the development server running over HTTPS. This was always on my list of things to get done but the issue was forced as a supplier was having trouble accessing SVN over HTTP and after some research it seemed that it might be because a proxy somewhere between them and server was tripping out the relevant WebDAV HTTP methods. One way around this was to use HTTPS.
So to check things out I obtained a free 30 day SSL from SSL247. This has issued me with a RapidSSL certificate, which is great as they seem preety cheap and as this is a develoment server I have no need for and EV cert so I applied and within 5 mins I had my certificate.
With this installed the static webpages and SVN worked fine. I have yet to get the supplier to try but at this point everything was OK. The problems came when trying to get Confluence and JIRA servers running with HTTPS.
I knew that I had to change the base URLs, so once this was done I tried to access the server and I was getting redirected at various points to the HTTP version. Unfortunatly the documentation on the Atlassian website all refers to getting Confluence and JIRA serving HTTPS directly. This though is not what I required as I wanted Apache to be the SSL endpoint and forward the traffic to Confluence and JIRA using HTTP. This would be OK as the Confluence and JIRA installations were only available on localhost and so no issues.
After seraching the internet I stumbled across Lackhead.org who had the answer. The full answer is here, but in breif the proxyPort, scheme and proxyName elements needs to be added to server.xml, like so
And that's it, restart Tomcat and it all works. You can now remove the non-ssl directives from the Apache config so that Confluence, JIRA and SVN are no longer accessible on HTTP. Of course if you have links to those old URLs you will need to add rewrite rules to redirect the http versions to the https versions
And that really is it.