Jenkins reverse proxy (Apache) with SSL

198 views
Skip to first unread message

Ashish Yadav

unread,
Jan 25, 2018, 8:35:06 PM1/25/18
to jenkins...@googlegroups.com

I am running Jenkins on Centos 7 behind a reverse proxy with ssl certs.  I want Apache to handle the ssl certs. User -> HTTPS -> Apache -> HTTP -> Jenkins application. Here is what my configuration looks like.

 

RewriteEngine On

RewriteCond %{HTTPS} !on

RewriteRule /.* https://<hostname>$0 [R=301,L]

 

<VirtualHost *: 443>

    ErrorLog logs/ssl_error_log

    TransferLog logs/ssl_access_log

    LogLevel warn

    SSLCertificateFile /etc/pki/tls/certs/localhost.crt

    SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

    SSLCertificateChainFile /etc/pki/tls/certs/localhost.crt

 

    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"

    RequestHeader set X-Forwarded-Proto https

    RequestHeader set X-Forwarded-Port "443"

 

    ProxyRequests Off

    ProxyPass / http://localhost:8080/ nocanon

    ProxyPassReverse / http://localhost:8080/

    AllowEncodedSlashes NoDecode

</VirtualHost>

 

 

I can get the following to work:

  1. http://hostname:8080
  2. https://hostname

 

However, the redirect from http://hostname:8080 to https://hostname is not working. I stay at http://hostname:8080

The firewall port (443) is open and the server is listening.

 

What am I missing? J I tried every combination on https://wiki.jenkins.io/display/JENKINS/Running+Jenkins+behind+Apache but I can’t get the last http to https redirect to work.

 

Also, after I go straight to the https site and manually remove the ‘s’ in ‘https’, it doesn’t redirect as expected back to https. I get an empty response (no-referrer-when-downgrade).

 

Ashish Yadav

unread,
Jan 28, 2018, 4:11:28 PM1/28/18
to jenkins...@googlegroups.com

Any ideas? J

 

However, the redirect from http://hostname:8080 to https://hostname is not working. I stay at http://hostname:8080

The firewall port (443) is open and the server is listening.

 

What am I missing? J I tried every combination on https://wiki.jenkins.io/display/JENKINS/Running+Jenkins+behind+Apache but I can’t get the last http to https redirect to work.

 

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/3F84EB6D-171E-4498-9249-24EA9FD93049%40firemon.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages