Gadget not rendered when accessing Jira server via HTTPS URL
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Symptoms
After upgrading to JIRA 4.0.1 or later, gadgets may not render over https://www.mycompany.com/jira or https://jira.mycompany.com, but work fine over http.
You may see errors in the logs similar to this:
2010-02-12 13:12:25,881 http-17000-3 ERROR anonymous 47545x3x1 asaintprix /plugins/servlet/gadgets/dashboard-diagnostics [dashboard.internal.diagnostics.DiagnosticsServlet] DIAGNOSTICS: FAILED
com.atlassian.gadgets.dashboard.internal.diagnostics.UrlSchemeMismatchException: Detected URL scheme, 'http', does not match expected scheme 'https'
at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.checkExpectedScheme(Diagnostics.java:58)
at com.atlassian.gadgets.dashboard.internal.diagnostics.Diagnostics.check(Diagnostics.java:30)
Cause
JIRA applications sit behind a reverse proxy or load balancer and doesn't know the URL scheme, hostname or port to connect to Tomcat. Gadgets therefore cannot resolve their path.
The content on this page relates to platforms which are not supported. Consequently, Atlassian Support cannot guarantee providing any support for it. Please be aware that this material is provided for your information only and using it is done so at your own risk.
Resolution
Note that an SSL connection between Apache and Tomcat is usually unnecessary. That is, the SSL connection can be terminated at Apache Web Server, and the connection to Tomcat can run over HTTP.
Make sure you have properly configured the Tomcat connector port attributes as described in Integrating JIRA applications with Apache using SSL or Integrating JIRA Server applications with Apache. Note that an SSL connection between Apache and Tomcat is usually unnecessary. If you choose this option, you should change the attribute in your Tomcat Connector in conf/server.xml (if using stand-alone) or jira.xml (if using EAR/WAR) from secure="true" to secure="false".
Standard Connector Port where Tomcat handles SSL encryption
Notice in this example which shows our default connector port information secure="true". This is used when Tomcat is handling traffic over https. If Tomcat is not handling encryption, you'll need secure="false" as shown above.
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true" useBodyEncodingForURI="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />