Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-63961

Reverse proxy set up is broken on Windows, as a service, with no IIS or other reverse proxy

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Critical Critical
    • core
    • None
    • Windows Server 2012 R2. Jenkins installed as a service in 2017. Recently upgraded via the UI (automatic upgrade option) from 2.240 to 2.261.

      I run Jenkins as a service in Windows.  IIS is not running and there is no reverse proxy.

      Seeing reverse proxy set up is broken in the UI and in the logs, e.g.:

      2020-10-15 17:09:53.220+0000 [id=12] WARNING h.d.ReverseProxySetupMonitor#getTestForReverseProxySetup: https://jenkins:80/manage vs. https://jenkins/manage

      What is worse is that after logging in I am redirected to a URL that has :80 appended to the base URL - even though I am using https on Port 443 and Port 80 is completely disabled.  As I click on various links in the UI, I must edit the URLs to remove this :80 addition and press Enter to be able to navigate.  It appears lines 921 and 922 in jenkins-master/core/src/main/java/hudson/Functions.java are responsible for doing this, but that should happen only conditionally, not in my case.

      My server is not a domain member and has no fully-qualified domain name.  I use the hostname, JENKINS in the URL (a NetBIOS name for the computer).  So my base URL is https://jenkins.  I have no context path configured.

      I have nothing at all configured under Manage Plugins > Advanced > Reverse Proxy Settings.  I can get plugin updates.  I can navigate the UI fine if I correct the URLs that Jenkins is automatically "fixing" for me.

      I tried disabling the reverse proxy monitoring in *config.xm*l:

      <hudson>
         <disabledAdministrativeMonitors>
             <string>hudson.diagnosis.ReverseProxySetupMonitor</string>
         </disabledAdministrativeMonitors>

          . . .

      But this did not help at all.

      I did not experience this behavior until after I updated my plugins and then upgraded Jenkins to 2.261 from 2.240.  I made no other configuration changes.

      But I did need to upgrade the Java JRE: I installed Oracle Java 8 JRE build 221 (32-bit) because the cacerts file in C:/Program Files (x86)/Jenkins/jre/lib/security folder was apparently too old and I could not upgrade any plugins.  Once I upgraded the JRE I had no trouble upgrading plugins.  So I do not think the JRE upgrade had any impact on this issue.

      My server uses a self-signed SSL certificate.  This cert hasn't changed in years and is still valid.  I added this cert to the cacerts file in the new jre using keytool in case Jenkins needed that. 

      I have attached a couple configuration files from my Jenkins server.  Please let me know if you needs any logs or other details from my server.  I can share screens via Zoom.

       

        1. config.xml
          32 kB
          Mike Litwak
        2. jenkins.xml
          2 kB
          Mike Litwak

            Unassigned Unassigned
            litwakmichael Mike Litwak
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: