Hello everyone, I have an interesting issue. I am using nginx 1.6.0 to
proxy back to my Jira instance. This is working great within my
network.
This is the issue. I am using a fortigate device to protect my network
and
I want to use the https connection in the web portal to access my Jira
instance. The problem is that jira always expects a
https://jira.internal.example.com, because that is what is set in it’s
base
url. The fortigate sends this to nginx:
https://vpn.example.com/proxy/https/jira.internal.example.com/secure/Dashboard.jspa
Jira see’s this as an incorrect path and causing it to not properly. I
am
wanting to know is there a way to rewrite the path that the fortigate is
sending to nginx so that jira believe’s its correct. Thanks!
Brent
On 30 May 2014 16:55, bwellsnc [email protected] wrote:
Hello everyone, I have an interesting issue. I am using nginx 1.6.0 to
proxy back to my Jira instance. This is working great within my network.
This is the issue. I am using a fortigate device to protect my network and
I want to use the https connection in the web portal to access my Jira
instance. The problem is that jira always expects a
https://jira.internal.example.com, because that is what is set in it’s base
url. The fortigate sends this to nginx:
https://vpn.example.com/proxy/https/jira.internal.example.com/secure/Dashboard.jspa
I think someone configured your firewall wrongly. That’s not just a
device’s specific quirk - if someone sold a device that did that
andonlythat then they’d go out of business. Fix the
misconfiguration.
Jira see’s this as an incorrect path and causing it to not properly. I am
wanting to know is there a way to rewrite the path that the fortigate is
sending to nginx so that jira believe’s its correct. Thanks!
Not tested, but should push you in the right direction:
resolver some.internal.resolver.ip;
rewrite ^/proxy/https/jira.internal.example.com/(.*)$ /$1;
proxy_set_header Host jira.internal.example.com;
proxy_pass https://jira.internal.example.com;
But don’t do that. Fix your wrongly configured other device.
J
On Fri, May 30, 2014 at 11:55:32AM -0400, bwellsnc wrote:
Hi there,
This is the issue. I am using a fortigate device to protect my network and
I want to use the https connection in the web portal to access my Jira
instance. The problem is that jira always expects a
https://jira.internal.example.com, because that is what is set in it’s base
url. The fortigate sends this to nginx:
https://vpn.example.com/proxy/https/jira.internal.example.com/secure/Dashboard.jspa
According to the proxy_pass documentation,
location ^~ /proxy/https/jira.internal.example.com/ {
proxy_pass https://[jira hostname or ip]/;
proxy_set_header Host jira.internal.example.com;
}
should do what you seem to be asking for. (Replace [this bit].)
But I’m not aware of any proxy/firewall devices that do what you say
your
fortigate is doing. So it may not end up doing what you actually want.
f
Francis D. [email protected]
J, It’s not a misconfigured device, that is how fortinet does it’s
webportal vpn access to internal websites. Talked to fortinet, that’s
how
it works. Francis, I will look at that. Thanks for your help!