Hey Confluence-Support!
First, here you go with a few details about my config:
The default setup was running perfectly until migrating to https.
After carefully following this guide
https://confluence.atlassian.com/conf64/running-confluence-over-ssl-or-https-936511699.html
Both pages are no more available (http://host.localdomain.loc:8090, https://host.mydomain.com:8443). Means i´m no more able to login...
In fact, ports 8090 and 8443 are reachable, i can do a "telnet host.localdomain.loc 8090" from internal network and a "telnet host.mydomain.com 8443" from the outside world.
Also, tomcat9.exe service is running with at least 1,7GB memory consumption.
Each and every command during ssl migration was successful without any error:
The only related log entries i can find in the atlassian-confluence.log:
Caused by: java.net.SocketTimeoutException: Read timed out
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(Unknown Source)
at java.net.SocketInputStream.read(Unknown Source)
at java.net.SocketInputStream.read(Unknown Source)
at sun.security.ssl.InputRecord.readFully(Unknown Source)
at sun.security.ssl.InputRecord.read(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
...but unfortunately i can´t find something really helpful in the Internet.
I´ve also tried to find a solution by following this guide:
Hopefully you guys can help me!
Thanks a lot in advance!
Best Regards
Thorsten
Hello there Thorsten, thanks for reaching out to Community!
Thanks for sending so much detail our way. However, we would like to ask you for some more:
- Was this an upgrade from and older Confluence version or a clean install?
- If you undo the SSL, are you able to connect to Confluence?
- What exactly happens when you try to access Confluence from a Browser?
- Is there any error thrown on screen?
- When you say that you are unable to login, does it mean that the login page does load and the login process never finishes?
- When you say that you are unable to login, does it mean that the login page never loads?
- What happens if you access Confluence via localhost?
The errors shown could imply that your server is currently unable to reply in a timely manner, triggering this timeout. As a next step, I would recommend you to check if access via localhost does work.
Let us know your thoughts!
Hi Diego,
thanks for your reply!
Hopefully i´ll be able to answer your questions accordingly... here you go.
1. Was this an upgrade from and older Confluence version or a clean install?
- this was a fresh & clean install on a brand new Server 2016 VM
2. If you undo the SSL, are you able to connect to Confluence?
- to be honest, i never thought about doing so. To be more honest, we´re a bit let´s say in a hurry, as users need to connect from their mobile devices...
3. What exactly happens when you try to access Confluence from a Browser?
- when accessing the server, it takes several minutes until i get a response
4. Is there any error thrown on screen?
- it doesn´t matter in which way i´m trying to connect (http://localhost:8090, http://fqdn:8090, https://localhost:8443 or https://fqdn:8443 or each via IP address), there´s no 'real' error message, but the browsers response 'server timed out'
5. When you say that you are unable to login, does it mean that the login page does load and the login process never finishes?
- unfortunately no, I just can´t reach the login page, see Q/A#4
6. When you say that you are unable to login, does it mean that the login page never loads?
- exactly, it never appeared after migrating to ssl
7. What happens if you access Confluence via localhost?
- it´s the same behaviour when trying to connect via localhost, IP, internal fqdn, external fqdn
Please let me know if you need further infos, e. g. screenshots, eventlogs, etc.
Thanks again, have a nice day :-)
Cheers
Thorsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I haven´t been able to fix this issue, so maybe somebody can help..?
Thanks in advance!
Regards
Thorsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thorsten, somehow your previous reply did not come through.
Thanks for providing even more details and getting back to us once more!
Ok, so let us start looking at other points:
- Check the passwords for your keystore and certificate file are correct
- Check permissions for both <confluence-home> and <confluence-install>
- these folders should be owned by the user running Confluence and also have full read/write/execute permissions for the same user
- Check that your server.xml connector points to the correct path to your keystore file
Since you specified that even in localhost (accessing directly via the server itself) times out, we may have some problems with the certificates here.
Here is some detail about the folders I mentioned:
Confluence Home and other important directories
Further, could you provide us with an excerpt of your server.xml file where we could read the https connector you are currently using? Be careful not to disclose any sensitive information in this excerpt. Community is an open space and everyone can see here!
Looking forward to your reply.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Diego,
thanks for your reply and sorry for my late response as i have been abroad.
So, all of your Point 1-3 i´ve been through and everything seems to be fine.
Attached you can find my server.xml (personal details have been changed):
Thanks again for your help, really apreciate it.
Have a nice day!
Best Regards
Thorsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.