Run Confluence behind F5 Load Balancer

Jayzle Coballes December 19, 2011

I have installed Confluence standalone version and need to run it over SSL/https. Certificate is installed on an F5 load balancer application so need to know how to configure Confluence and F5 (if needed to check configuration because network team manage this application) in order for Confluence to work on https.

Thanks.

4 answers

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

7 votes
Answer accepted
Jayzle Coballes December 20, 2011

I was able to run Confluence by setting below configuration on server.xml

<Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="80" minProcessors="5"
                   maxProcessors="75" proxyPort="443" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSEnabled="true"
                   enableLookups="false" redirectPort="8443" acceptCount="10" debug="0" connectionTimeout="20000"
                   useURIValidationHack="false" URIEncoding="UTF-8" />

MikeA December 5, 2017

Did you have to generate import any certificates on your application server?  Or was it all handled by the F5?  My network team is saying I dont need to generate/import any certs on the app server.  All done by the F5. 

 

Also did you edit your web.xml to redirect http to https?

to <CONFLUENCE_INSTALLATION>/confluence/WEB-INF/web.xml

1 vote
Robin Bowes January 18, 2012

Woot! This works for me too!

Our stack looks like this:

client -> firewall -> load balancer -> apache -> tomcat

We do SSL offload on the load balancer, so apache only talks HTTP, but we need confluence to generate URLs using the HTTPS scheme.

The above configuration fragment works perfectly for us.

Thanks.

R.

Nelson Jimenez Manio March 26, 2013

Would you be able to share the changes made in F5 ?

0 votes
Steve Rhodes
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 31, 2015

@Konnie McCauley @Robin Bowes @Jayzle Coballes any chance any of you can share some more information on this? on the tomcat and on the F5 level.

0 votes
Konnie McCauley January 25, 2012

We certainly have had some challenges with getting our standalone behind the F5. We also have the Kerberos authentication set up for SSO. Would anything need to be changes in this connector?

Nelson Jimenez Manio March 26, 2013

Would you be able to share the changes made in F5 ?


Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

TAGS
AUG Leaders

Atlassian Community Events