Redirect HTTP Requests to HTTPS

'How Do I...' and 'How to...' Guide to Stash

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

  1. Follow the instructions in this document:  Securing Stash with Tomcat using SSL
  2. Ensure the redirectPort exists in the insecure connector and is defined with the port of the secure connector:

    Insecure port
             <Connector port="7990" protocol="HTTP/1.1"
                       connectionTimeout="20000"
                       useBodyEncodingForURI="true"
                       redirectPort="8443"
                       compression="on"
                       compressableMimeType="text/html,text/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript"/>
    
    Secure port
             <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                       maxThreads="150" 
                       SSLEnabled="true" 
                       scheme="https" 
                       secure="true"
                       clientAuth="false" 
                       sslProtocol="TLS" />
  3. Add the following configuration before the closing </web-app> tag in the following file:

    <Stash installation directory>/atlassian-stash/WEB-INF/web.xml
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Restricted URLs</web-resource-name>
        <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
    </security-constraint>
  4. Restart Stash

Last modified on Feb 23, 2016

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.