I am running Jenkins on Centos 7 behind a reverse proxy with ssl certs. I want
Apache to handle the ssl certs. User -> HTTPS -> Apache -> HTTP -> Jenkins
application. Here is what my configuration looks like.
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule /.* https://<hostname>$0 [R=301,L]
<VirtualHost *: 443>
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateChainFile /etc/pki/tls/certs/localhost.crt
Header always set Strict-Transport-Security "max-age=63072000;
includeSubDomains"
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Port "443"
ProxyRequests Off
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
AllowEncodedSlashes NoDecode
</VirtualHost>
I can get the following to work:
1. http://hostname:8080
2. https://hostname
However, the redirect from http://hostname:8080 to https://hostname is not
working. I stay at http://hostname:8080
The firewall port (443) is open and the server is listening.
What am I missing? ☺ I tried every combination on
https://wiki.jenkins.io/display/JENKINS/Running+Jenkins+behind+Apache but I
can’t get the last http to https redirect to work.
Also, after I go straight to the https site and manually remove the ‘s’ in
‘https’, it doesn’t redirect as expected back to https. I get an empty response
(no-referrer-when-downgrade).
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/3F84EB6D-171E-4498-9249-24EA9FD93049%40firemon.com.
For more options, visit https://groups.google.com/d/optout.
