jira-https-nginx-wildcard-cert-configuration

gistfile1.txt

# mkdir -p /etc/nginx/ssl 
# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt



# redirect HTTP to HTTPS - /etc/nginx/sites-available/default
server {
    listen       80;
    server_name  jira.example.com;
    access_log  off;
    return 301 https://$server_name$request_uri;
}

# /etc/nginx/conf.d/jira.conf
server {
    listen       443 default ssl;

    server_name  jira.example.com;

    access_log  off;
    ssl on;
    ssl_certificate /etc/nginx/ssl/example.com.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    location / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8080/;
    }
}

# server.xml config file from $JIRA/conf/
# add/modify this line from <Service name="Catalina"> directive

 <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" proxyName="jira.example.com" proxyPort="443"/>