Question

how to enable SSL for both jenkins and sonarqube running on the same server

Posted August 7, 2017 6.4k views
UbuntuApache

Hi,

I have installed jenkins and sonarqube in the same server. Jenkins is running on port 8080 and sonarqube is running on port 9000.

I want to enable SSL for both jenkins and sonarqube using the same DNS name.

I have the apache config as below

<VirtualHost *:80>
  ServerName example.com
  ServerAlias www.example.com
  ProxyRequests Off
  ProxyVia On
  Redirect permanent / https://example.com/
</Virtualhost>

<VirtualHost *:443>
  ServerName example.com
  ServerAlias www.example.com

  SSLEngine On
  SSLProxyEngine On
  SSLCertificateFile    /etc/apache2/ssl/crt/example.com.cer
  SSLCertificateKeyFile /etc/apache2/ssl/key/example.com.key

  ProxyRequests     Off
  ProxyPass         /  http://localhost:8080/
  ProxyPassReverse  /  http://localhost:8080/

  ProxyPass        /sonar http://localhost:9000/sonar
  ProxyPassReverse /sonar http://localhost:9000/sonar

RequestHeader set X_FORWARDED_PROTO "https"
  RequestHeader set X-Forwarded-Port "443"
  SetEnv force-proxy-request-1.0 1
  SetEnv proxy-nokeepalive 1

  <Proxy *>
   Order allow,deny
    Allow from all
  </Proxy>
  ProxyPreserveHost on
</VirtualHost>

When i browse https://example.com, jenkins log i page opens wit the following URL https://jenkins-thunderbolt.comcast.com/login?from=%2F which is as expected.

But when i browse https://example.com/sonar , i get the URl as https://jenkins-thunderbolt.comcast.com/login?from=%2Fsonar, which gets the jenkins login page, but the expected should that when i browse https://example.com/sonar i should get the sonarqube login page

Could you please let me know what configs that iam missing out?

edited by asb

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Try switching the order of the ProxyPass directives like so:

  ProxyRequests     Off
  ProxyPass        /sonar http://localhost:9000/sonar
  ProxyPassReverse /sonar http://localhost:9000/sonar

  ProxyPass         /  http://localhost:8080/
  ProxyPassReverse  /  http://localhost:8080/

Per https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass it appears that Apache checks them in the order that they are specified in. / matches everything so that might be why sonar requests are also getting proxied to Jenkins.

Submit an Answer