JIRA and IIS as Reverse Proxy with Reverse rewrite host in response headers option Enabled fails for HTTPS
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Please note, that Reverse Proxy Configurations are not formally supported by Atlassian. See: Atlassian Support Offerings and Integrating JIRA with IIS for further guidance on IIS Reverse Proxy configuration.
Problem
When using IIS as a Reverse Proxy for JIRA, if the option to set Reverse rewrite host in response headers is enabled, HTTP paths are not changed to HTTPS URL's. This causes browsers to fail loading content.
Diagnosis
Environment
- JIRA with IIS configured as a Reverse Proxy
Diagnostic Steps
Using a Browser with debugging capabilities, reports the Errors such as the following:
This request has been blocked; The content must be served over HTTPS
Cause
The Setting to "Reverse rewrite host in response headers" controls whether or not IIS will change the host the client is using to access JIRA. This can be useful when proxying an internal hostname, but complicates HTTPS Reverse proxy access.
Resolution
Disable the option: "Reverse rewrite host in response headers" may assist with this issue.