Mixed Content Issues with Containerized Jira Setup Using Traefik Reverse Proxy

Jack81 · June 18, 2025, 9:47pm

I’m running into some SSL problems with my containerized Jira setup. I have Jira running in a Docker container with Traefik as my reverse proxy handling SSL termination.

Here’s my docker-compose configuration:

version: "3"
services:
  jira-app:
    image: atlassian/jira-software:latest
    labels:
      - "traefik.http.routers.jira.rule=Host(`tickets.mysite.com`)"
      - "traefik.http.services.jira.loadbalancer.server.port=8080"
      - "traefik.enable=true"
      - "traefik.http.routers.jira.entrypoints=web,websecure"

My Traefik config handles HTTP to HTTPS redirects like this:

[entryPoints]
  [entryPoints.web]
  address = ":80"
    [entryPoints.web.http.redirections.entrypoint]
    to = "websecure"
    scheme = "https"
  [entryPoints.websecure]
  address = ":443"
    [entryPoints.websecure.http.tls]

The base URL in Jira is configured to use HTTPS and I can access everything fine. However, I keep getting mixed content errors in the browser console. Some requests are still trying to use HTTP even though the page loads over HTTPS.

The error message shows that certain plugin servlets are being requested over HTTP instead of HTTPS. How can I make sure all internal Jira requests go through HTTPS when using Traefik as a proxy?

Finn_Mystery · June 26, 2025, 12:04am

Your problem is that Jira doesn’t know SSL is being handled by the proxy. You need to add X-Forwarded headers in your docker-compose file’s Traefik labels. Add traefik.http.middlewares.jira-headers.headers.customrequestheaders.X-Forwarded-Proto=https to your jira-app service, then reference it with traefik.http.routers.jira.middlewares=jira-headers. Also configure your Jira connector by mounting a custom server.xml or using environment variables for the connector attributes. The key is making sure Jira knows it’s behind a secure proxy. I had the same mixed content warnings when my proxy headers weren’t set up right - this fixed the HTTP requests for plugin resources.

Mandy_45Photography · June 25, 2025, 9:30am

check your jira server.xml config - the connector might need scheme=“https” and proxyPort=“443” set explicitly. also make sure traefik’s passing the x-forwarded-proto header correctly. i had the same issue and it turned out jira wasn’t detecting ssl termination at the proxy level.

Emma_Fluffy · June 23, 2025, 4:10pm

Had this exact problem 6 months ago with my Jira setup behind Traefik. Jira generates URLs based on what it thinks the scheme is, so you need to tell it there’s an HTTPS proxy in front of it. Add these environment variables to your jira-app service: CATALINA_CONNECTOR_PROXYNAME, CATALINA_CONNECTOR_PROXYPORT, CATALINA_CONNECTOR_SCHEME, and CATALINA_CONNECTOR_SECURE. Also make sure Traefik’s sending the right headers by setting the proper labels for your Jira service. Restart the container after that and it should fix the mixed content errors.