Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

using the confluence server app

YW
YW May 15, 2018

Hi,

 

we are currently running plesk on our server. we have not been able to get the ssl installed on the server with plesk and want to desperately have access to the confluence app.

 

any suggestions?  it's greatly appreciated.

 

thank you.

Answer
Watch
Like Be the first to like this
580 views

3 answers

0 votes
YW
YW June 6, 2018

thanks so much for answering Ann :)

okay so for proxy name we add sub.domain.com:8090 or just sub.domain.com and place the 8090 where the 443 is for proxy port?

 

thanks in advance.

View More Comments
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 7, 2018

My understanding is your proxy will serve SSL on the default port of 443 to avoid using a port number in the Base URL, at least that is the usual practice. There should be no port number appended to the proxyName setting and the proxyPort should be 443.

The proxy should have settings that direct requests to port 443 over to port 8443 if you use the connector example I posted.

The 8090 connector is still there for http requests and because the documentation recommends leaving it:

Don't remove or comment out the http connector, as the Synchrony proxy health check, still requires HTTP. If you don't want to include the http connector, you can use the synchrony.proxy.healthcheck.disabled system property to disable the health check. 

Like
YW
YW June 12, 2018

hi ann,

we have everything set up and was able to get https://docs.ourdomain.com up and running, but receive a pop box saying tomcat is not correct (see attached), but the settings it is complaining about are actually correct.

 

this is our xml, any feedback would be greatly appreciated.

 

Here is your current server.xml, which is at:



<Server port="8000" shutdown="SHUTDOWN" debug="0">
    <Service name="Tomcat-Standalone">
        <Connector port="8090" connectionTimeout="20000" redirectPort="8443"
                maxThreads="48" minSpareThreads="10"
                enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
                protocol="org.apache.coyote.http11.Http11NioProtocol"
                proxyName="docs.ourdomain.com" proxyPort="80" scheme="http" />

        <Engine name="Standalone" defaultHost="localhost" debug="0">

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
                    <Manager pathname="" />
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
                </Context>
            </Host>

        </Engine>

        <!--
            To run Confluence via HTTPS:
             * Uncomment the Connector below
             * Execute:
                 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
                 $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA  (Unix)
               with a password value of "changeit" for both the certificate and the keystore itself.
             * Restart and visit https://localhost:8443/

             For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS

        <Connector port="8443" maxHttpHeaderSize="8192"
                   maxThreads="150" minSpareThreads="25"
                   protocol="org.apache.coyote.http11.Http11NioProtocol"
                   enableLookups="false" disableUploadTimeout="true"
                   acceptCount="100" proxyName="docs.ourdomain.com" proxyPort="443" scheme="https" secure="true"
                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
                   URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
        -->

    </Service>
</Server>

 

thanks.

Like
YW
YW June 12, 2018

the pop up:

Tomcat config is incorrect

The Tomcat server.xml has an incorrect configuration:

scheme should be 'https'
proxyName should be 'docs.cloudhosts.net'
proxyPort should be '443'

Like
YW
YW June 25, 2018

Hi, just checking in to see if anyone else has encountered this issue and if there is resolution.

 

The server.xml file is perceived as erroneous when the credentials are correct.

 

Many thanks in advance!

Like
Reply
0 votes
YW
YW June 6, 2018

i have been trying this for weeks, but the document does not reflect the xml file it references that is actually on the server.  i really need to get this behind ssl for obvious reasons.  has anyone successfully done this on a plesk server that can give us some pointers.

 

thanks so much!

View More Comments
YW
YW June 6, 2018

the directions say:

Insert your proxyName and proxyPort as shown in the last line below:

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
   maxThreads="48" minSpareThreads="10"
   enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
   protocol="org.apache.coyote.http11.Http11NioProtocol"
   seme="https" secure="true" proxyName="www.example.com" proxyPort="443"/>

 

 

the directions show a place to enter the proxy name and port but the actual xml shows the following... no ref to proxyname... port etc.

 

<!--
        <Connector port="8443" maxHttpHeaderSize="8192"
                   maxThreads="150" minSpareThreads="25"
                   protocol="org.apache.coyote.http11.Http11NioProtocol"
                   enableLookups="false" disableUploadTimeout="true"
                   acceptCount="100" scheme="https" secure="true"
                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
                   URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
-->

Like
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 6, 2018

You would need to add the proxyName, proxyPort and scheme to the SSL connector and uncomment that connector if you are running behind a proxy. Proxy Support

The proxyName and proxyPort attributes can be used when Tomcat is run behind a proxy server. These attributes modify the values returned to web applications that call the request.getServerName() and request.getServerPort() methods, which are often used to construct absolute URLs for redirects. Without configuring these attributes, the values returned would reflect the server name and port on which the connection from the proxy server was received, rather than the server name and port to whom the client directed the original request.

(my boldface)

take out <!-- and -->to uncomment then make an SSL connector like:

<Connector port="8443" maxHttpHeaderSize="8192"
 maxThreads="150" minSpareThreads="25"
 protocol="org.apache.coyote.http11.Http11NioProtocol"
 enableLookups="false" disableUploadTimeout="true"
 acceptCount="100" proxyName="www.your_domain.com" proxyPort="443" scheme="https" secure="true"
 clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
 URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
Like
Reply
0 votes
AnnWorley
AnnWorley
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 16, 2018

Hi - Happy to hear you are trying out Confluence. :)

Plesk has a support site that looks pretty good, they would have more expertise with their tool. We have a document on how to terminate SSL at the Tomcat webserver level and some reverse proxy SSL docs, but we specialize in the Atlassian software itself.

Plesk help: Plesk support

Tomcat SSL doc: Running Confluence Over SSL or HTTPS

SSL terminated at reverse proxy: Running Confluence behind NGINX with SSL

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.