Are you setting the " X-Forwarded-Proto" header? This guide <https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy> might be useful. You could also try and make the "Postback URL" be "http" since that is what the request will arrive as on the Jenkins server itself.
On Thursday, June 9, 2016 at 4:23:17 AM UTC+10, Nick T wrote: > > I have my Jenkins server running with an nginx reverse proxy sitting in > front of it. In front of that i have an AWS ELB that is terminating the > SSL. So the problem is that Okta posts to https://myjenkins.mycompany.com, > but on the jenkins side it sees http. so it fails. Any tips? > > WARNING: Error while serving http:// > jenkins.mycompany.com/securityRealm/finishLogin > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > > > Caused by: org.opensaml.xml.security.SecurityException: SAML message intended > destination endpoint did not match recipient endpoint > at > org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder.checkEndpointURI(BaseSAMLMessageDecoder.java:217) > at > org.opensaml.saml2.binding.decoding.BaseSAML2MessageDecoder.decode(BaseSAML2MessageDecoder.java:72) > at > org.pac4j.saml.sso.Saml2WebSSOProfileHandler.receiveMessage(Saml2WebSSOProfileHandler.java:119) > > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/2b024fb6-6643-46ff-9be8-137e4fb5a5da%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
