nginx conf dan server.xml tomcat SSL Jira
nginx.conf
server {
listen 80;
server_name abc.co.id;
access_log /var/log/nginx/log/jira-access.log main;
error_log /var/log/nginx/log/jira.error.log;
root /opt/atlassian/jira/atlassian-jira;
index index.jsp index.html index.htm;
error_page 403 /it-infra.html;
location = /it-infra.html {
root /usr/share/nginx/html;
}
## send request back to apache1 ##
location / {
allow someip;
deny all;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:4444/;
proxy_redirect http://localhost:4444/ https://$server_name/;
}
}
server {
listen 443;
server_name abc.co.id;
access_log /var/log/nginx/log/jira-ssl-access.log main;
error_log /var/log/nginx/log/jira-ssl.error.log;
index index.jsp index.html index.htm;
ssl on;
ssl_certificate /opt/certificate/SSL.crt;
ssl_certificate_key /opt/certificate/SSL.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
error_page 403 /it-infra.html;
location = /it-infra.html {
root /usr/share/nginx/html;
}
## send request back to apache1 ##
location / {
allow someip;
deny all;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:4444/;
}
}
server.xml tomcat
<Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="4444" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" proxyName="abc.co.id" proxyPort="443"/>