📌  相关文章
📜  代理 ssl 证书到 jira centos8 - Shell-Bash (1)

📅  最后修改于: 2023-12-03 14:49:29.793000             🧑  作者: Mango

代理 SSL 证书到 JIRA - CentOS 8

在 CentOS 8 上,代理 SSL 证书到 JIRA 需要按照以下步骤进行:

步骤 1:安装 Nginx

若您已经安装 Nginx,请跳过此步骤。

在终端中,输入以下命令以安装 Nginx:

sudo dnf install nginx

然后,启动 Nginx 服务:

systemctl start nginx

如需开机自启 Nginx 服务,请运行:

systemctl enable nginx
步骤 2:创建证书和密钥文件

若您已经有证书和密钥文件,请跳过此步骤。

使用以下命令生成 SSL 证书和密钥文件:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/pki/nginx/nginx.key -out /etc/pki/nginx/nginx.crt
步骤 3:配置 Nginx

使用以下命令编辑 Nginx 配置文件:

sudo vi /etc/nginx/nginx.conf

添加以下段落:

server {
    listen 80;
    server_name YOUR_DOMAIN;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name YOUR_DOMAIN;

    ssl_certificate /etc/pki/nginx/nginx.crt;
    ssl_certificate_key /etc/pki/nginx/nginx.key;

    location / {
        proxy_pass http://YOUR_JIRA_IP:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

YOUR_DOMAIN 替换为您的域名,将 YOUR_JIRA_IP 替换为 JIRA 的 IP 地址。

保存并关闭文件。

重启 Nginx 服务:

systemctl restart nginx
步骤 4:修改 JIRA 配置

使用以下命令编辑 JIRA 配置文件:

sudo vi /opt/atlassian/jira/conf/server.xml

找到以下段落:

<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"&lt;&gt;"
           maxThreads="150" minSpareThreads="25" connectionTimeout="20000"
           enableLookups="false" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
           useBodyEncodingForURI="true" redirectPort="8443" acceptCount="100"
           disableUploadTimeout="true" bindOnInit="false"/>

port="8080" 修改为 port="127.0.0.1:8080",然后保存并关闭文件。

重启 JIRA 服务:

systemctl restart jira

现在,您可以在浏览器中访问 https://YOUR_DOMAIN 来访问 JIRA,SSL 证书已成功代理到 JIRA。

Markdown 代码片段:

## 步骤 1:安装 Nginx

```bash
sudo dnf install nginx
systemctl start nginx
systemctl enable nginx
步骤 2:创建证书和密钥文件
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/pki/nginx/nginx.key -out /etc/pki/nginx/nginx.crt
步骤 3:配置 Nginx
sudo vi /etc/nginx/nginx.conf

server {
    listen 80;
    server_name YOUR_DOMAIN;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name YOUR_DOMAIN;

    ssl_certificate /etc/pki/nginx/nginx.crt;
    ssl_certificate_key /etc/pki/nginx/nginx.key;

    location / {
        proxy_pass http://YOUR_JIRA_IP:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

systemctl restart nginx
步骤 4:修改 JIRA 配置
sudo vi /opt/atlassian/jira/conf/server.xml

<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"&lt;&gt;"
           maxThreads="150" minSpareThreads="25" connectionTimeout="20000"
           enableLookups="false" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
           useBodyEncodingForURI="true" redirectPort="8443" acceptCount="100"
           disableUploadTimeout="true" bindOnInit="false"/>

systemctl restart jira

现在,您可以在浏览器中访问 https://YOUR_DOMAIN 来访问 JIRA,SSL 证书已成功代理到 JIRA。