Cannot login to Jira server when terminating SSL at load balancer

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

The content on this page relates to platforms which are not supported for JIRA Applications. Consequently, Atlassian cannot guarantee providing any support for it. Please be aware that this material is provided for your information only and using it is done so at your own risk.

Symptoms

  • The JIRA application has been recently upgraded, users are not able to login via login gadget.
  • Dashboard does not render after user logs in via login page.

  • The following appears in the atlassian-jira.log

    2011-08-30 08:47:00,552 http-8180-7 ERROR anonymous 527x1499x1 1frwtec 192.168.13.5 /plugins/servlet/gadgets/dashboard-diagnostics [dashboard.internal.diagnostics.DiagnosticsServlet] DIAGNOSTICS: FAILED
com.atlassian.gadgets.dashboard.internal.diagnostics.UrlSchemeMismatchException: Detected URL scheme, 'http', does not match expected scheme 'https'
 at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.checkExpectedScheme(Diagnostics.java:59)
 at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.check(Diagnostics.java:31)
 at com.atlassian.gadgets.dashboard.internal.diagnostics.DiagnosticsServlet.executeDiagnostics(DiagnosticsServlet.java

Cause

  • JIRA applications are running behind a load balancer with SSL Termination configured.
  • JIRA applications are expecting https scheme while http is detected.


Resolution

Comment out https setting in the server.xml and refer to step 3 of 'Configure Tomcat' in this guide. Specifically, ensure that the scheme, proxyName and proxyPort attributes are configured in the relevant connector.  Replace the "<proxy_server>" with the proxy server address.

 <Connector port="8080"
 relaxedPathChars="[]|"
 relaxedQueryChars="[]|{}^\`"<>"  
 maxThreads="150"
 minSpareThreads="25"
 maxSpareThreads="75"
 connectionTimeout="20000"
 enableLookups="false"
 maxHttpHeaderSize="8192"
 protocol="HTTP/1.1"
 useBodyEncodingForURI="true"
 redirectPort="8443"
 acceptCount="100"
 disableUploadTimeout="true"
 scheme="https"
 proxyName="<proxy_server>"
 proxyPort="443"
/>

<!--
 <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
 maxHttpHeaderSize="8192" SSLEnabled="true" 
 maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
 enableLookups="false" disableUploadTimeout="true"
 acceptCount="100" scheme="https" secure="true" 
 clientAuth="false" sslProtocol="TLS" useBodyEncodingForURI="true"/>
-->

Related Content

This issue is related to KB Gadgets do not Display Correctly when Using SSL and Proxy Server


Last modified on Sep 15, 2022

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.