Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-10675

Jenkins redirecting from https to http

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      (Sorry – I'm not sure what component this falls under)

      I have a ssl proxy on another machine in front of jenkins. The ssl proxy listens on port 8080 and forwards to Jenkins on port 8080.

      After I submit my login details to Jenkins on https://domain.com:8080/login, it redirects me to http://domain.com:8080. I'd like to stay on https. I've configured the Jenkins URL to be https://domain.com:8080, but it didn't seem to make a difference.

      Two solutions?

      1. Never change the protocol. If the redirect was to '/' instead of 'http://domain.com', there would be no problem.
      2. The proxy adds a X-Forwarded-Proto to each request – could Jenkins look at that and realize it's a https request?

        Attachments

          Issue Links

            Activity

            Hide
            johno Johno Crawford added a comment -

            What SSL proxy are you running? If you have Apache try enabling ProxyPreserveHost.

            Show
            johno Johno Crawford added a comment - What SSL proxy are you running? If you have Apache try enabling ProxyPreserveHost.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ian Hopkins
            Path:
            core/src/main/java/jenkins/model/Jenkins.java
            core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
            http://jenkins-ci.org/commit/jenkins/ddfa65fae64663cda51a7b9dd7b45eeebbd10eda
            Log:
            [FIXED JENKINS-10675] use X-Forwarded-Proto if present

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ian Hopkins Path: core/src/main/java/jenkins/model/Jenkins.java core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java http://jenkins-ci.org/commit/jenkins/ddfa65fae64663cda51a7b9dd7b45eeebbd10eda Log: [FIXED JENKINS-10675] use X-Forwarded-Proto if present
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Vojtěch Juránek
            Path:
            core/src/main/java/jenkins/model/Jenkins.java
            core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
            http://jenkins-ci.org/commit/jenkins/5c25cb6a1b3d5640a2c42c2ebd2ca6343ffd3d2f
            Log:
            Merge pull request #964 from edenrox/master

            [FIXED JENKINS-10675] use X-Forwarded-Proto if present

            Compare: https://github.com/jenkinsci/jenkins/compare/2b9347a00227...5c25cb6a1b3d

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Vojtěch Juránek Path: core/src/main/java/jenkins/model/Jenkins.java core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java http://jenkins-ci.org/commit/jenkins/5c25cb6a1b3d5640a2c42c2ebd2ca6343ffd3d2f Log: Merge pull request #964 from edenrox/master [FIXED JENKINS-10675] use X-Forwarded-Proto if present Compare: https://github.com/jenkinsci/jenkins/compare/2b9347a00227...5c25cb6a1b3d
            Hide
            dogfood dogfood added a comment -

            Integrated in jenkins_main_trunk #2917
            [FIXED JENKINS-10675] use X-Forwarded-Proto if present (Revision ddfa65fae64663cda51a7b9dd7b45eeebbd10eda)

            Result = SUCCESS
            ian : ddfa65fae64663cda51a7b9dd7b45eeebbd10eda
            Files :

            • core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
            • core/src/main/java/jenkins/model/Jenkins.java
            Show
            dogfood dogfood added a comment - Integrated in jenkins_main_trunk #2917 [FIXED JENKINS-10675] use X-Forwarded-Proto if present (Revision ddfa65fae64663cda51a7b9dd7b45eeebbd10eda) Result = SUCCESS ian : ddfa65fae64663cda51a7b9dd7b45eeebbd10eda Files : core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java core/src/main/java/jenkins/model/Jenkins.java
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ian Hopkins
            Path:
            core/src/main/java/jenkins/model/Jenkins.java
            core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java
            http://jenkins-ci.org/commit/jenkins/2235fcd90526f1e22de114973da4d08fd1df777f
            Log:
            [FIXED JENKINS-10675] use X-Forwarded-Proto if present

            (cherry picked from commit ddfa65fae64663cda51a7b9dd7b45eeebbd10eda)

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ian Hopkins Path: core/src/main/java/jenkins/model/Jenkins.java core/src/test/java/jenkins/model/JenkinsGetRootUrlTest.java http://jenkins-ci.org/commit/jenkins/2235fcd90526f1e22de114973da4d08fd1df777f Log: [FIXED JENKINS-10675] use X-Forwarded-Proto if present (cherry picked from commit ddfa65fae64663cda51a7b9dd7b45eeebbd10eda)
            Hide
            balsamiqluis2 Luis Arias added a comment -

            I'm seeing this behavior when offloading SSL to an ELB with

            https://mydomain.net -> http://jenkins-instance:9090

            Could I be missing a configuration setting somewhere ? This is on 1.558.

            Thanks!

            Show
            balsamiqluis2 Luis Arias added a comment - I'm seeing this behavior when offloading SSL to an ELB with https://mydomain.net -> http://jenkins-instance:9090 Could I be missing a configuration setting somewhere ? This is on 1.558. Thanks!
            Hide
            danielbeck Daniel Beck added a comment -

            Luis Arias: Did you configure the Jenkins URL as https://mydomain.net in the global configuration?

            Show
            danielbeck Daniel Beck added a comment - Luis Arias : Did you configure the Jenkins URL as https://mydomain.net in the global configuration?
            Hide
            bartvh Bart Vanhaute added a comment -

            Since upgrading from 1.559 to 1.562, I am seeing this also.
            Should this issue be reopened, or create a new one?

            Show
            bartvh Bart Vanhaute added a comment - Since upgrading from 1.559 to 1.562, I am seeing this also. Should this issue be reopened, or create a new one?
            Hide
            pmoiroux Patrick Moiroux added a comment -

            Same issue on Centos with version 1.565. It works if I rollback to version 1.558.

            Show
            pmoiroux Patrick Moiroux added a comment - Same issue on Centos with version 1.565. It works if I rollback to version 1.558.
            Hide
            pmoiroux Patrick Moiroux added a comment -

            It works with version 1.565 if I add this to my Apache config:

            Header edit Location ^http://www.example.com/jenkins/ https://www.example.com/jenkins/

            It was not required with version 1.558 so I don't know whether you want to consider it as a bug or not..
            Thanks

            Show
            pmoiroux Patrick Moiroux added a comment - It works with version 1.565 if I add this to my Apache config: Header edit Location ^ http://www.example.com/jenkins/ https://www.example.com/jenkins/ It was not required with version 1.558 so I don't know whether you want to consider it as a bug or not.. Thanks
            Hide
            danielbeck Daniel Beck added a comment -

            Patrick: Might just be related to configuration. Make sure your reverse proxy sets the X-Forwarded-Proto header.

            That being said, it makes no sense to reopen a three year old issue for a regression within the last ~6 weeks. Please file a new issue (you can link it as 'related' to this one under 'More Actions'). If possible, determine the exact release the regression occurred, and post your reverse proxy config.

            Show
            danielbeck Daniel Beck added a comment - Patrick: Might just be related to configuration. Make sure your reverse proxy sets the X-Forwarded-Proto header. That being said, it makes no sense to reopen a three year old issue for a regression within the last ~6 weeks. Please file a new issue (you can link it as 'related' to this one under 'More Actions'). If possible, determine the exact release the regression occurred, and post your reverse proxy config.
            Hide
            bmanikantareddy Manikantareddy Buchi added a comment -

            I am seeing this issue in the latest version as well.

            I have deployed the Jenkins docker image in GKE with GCP load balancer with real ssl certificates.

            some of the URLs working with HTTPS , but some are getting redirected to http://

            I did try with multiple versions 

            for example configuration-as-code

             

             

            Show
            bmanikantareddy Manikantareddy Buchi added a comment - I am seeing this issue in the latest version as well. I have deployed the Jenkins docker image in GKE with GCP load balancer with real ssl certificates. some of the URLs working with HTTPS , but some are getting redirected to http:// I did try with multiple versions  for example configuration-as-code    

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              joevandyk Joe Van Dyk
              Votes:
              4 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: