Are you in the loop? Keep up with the latest by making sure you're subscribed to Community Announcements. Just click Watch and select Articles.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Getting confluence setup with a reverse apache proxy

Dalton Tidwell
Dalton Tidwell Mar 09, 2018

Hi everyone, I would really appreciate any help that can be offered. I am experiencing several problems right now that I believe can all be traced back to the reverse proxy setup, but I am unsure where the issue is.

The issues are:

A warning that the base url cannot be checked.

AD Synchronization fails with "The following URL does not specify a valid Crowd User Management REST service".

I cannot update the license key from the GUI.

 

===Apache Configuration===
<VirtualHost *:443>
ServerName ohsejiradev01.domain.com

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on

SSLProtocol all -SSLv2

SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
SSLHonorCipherOrder     on

SSLCertificateFile (Verified to exist)

SSLCertificateKeyFile (Verified to exist)


<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

#   SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

#   Per-Server Logging:
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

RedirectMatch ^/$ https://ohsejiradev01.domain.com/jira
# JIRA Proxy Configuration:
<Proxy *>
        Require all granted
</Proxy>

SSLProxyEngine          On
ProxyRequests           Off
ProxyPreserveHost       On

ProxyPass /synchrony http://ohsejiradev01.domain.com:8091/synchrony
<Location /synchrony>
    Require all granted
    RewriteEngine on
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
    RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
    RewriteRule .* ws://<domain>:8091%{REQUEST_URI} [P]
</Location>

ProxyPass               /jira       http://ohsejiradev01.domain.com:8080/jira
ProxyPassReverse        /jira       http://ohsejiradev01.domain.com:8080/jira
<Location /jira>
    Require all granted
</Location>

ProxyPass /confluence http://ohsejiradev01.domain.com:8090/confluence
ProxyPassReverse /confluence http://ohsejiradev01.domain.com:8090/confluence
<Location /confluence>
    Require all granted
</Location>

</VirtualHost>

###HTTP###
<VirtualHost *:80>
    ServerName ohsejiradev01.domain.com
    Redirect Permanent /  https://ohsejiradev01.domain.com/jira
    Redirect Permanent /jira  https://ohsejiradev01.domain.com/jira
    Redirect Permanent /confluence  https://ohsejiradev01.domain.com/confluence
    Redirect Permanent /synchrony   https://ohsejiradev01.domain.com/synchrony
</VirtualHost>

 

===server.xml===

<Server port="8000" shutdown="SHUTDOWN" debug="0">
    <Service name="Tomcat-Standalone">
        <Connector proxyName="ohsejiradev01.domain.com"
                scheme="https" secure="true"
                proxyport="443"
                port="8090" redirectPort="8443"
                minSpareThreads="10" maxThreads="48"
                acceptCount="100"
                debug="0"
                connectionTimeout="20000"
                disableUploadTimeout="true"
                enableLookups="false"
                maxHttpHeaderSize="8192"
                URIEncoding="UTF-8"
                protocol="HTTP/1.1" />

                <Connector protocol="HTTP/1.1"
                port="8091" redirectPort="8443"
                minSpareThreads="25" maxThreads="150"
                acceptCount="100"
                connectionTimeout="20000"
                disableUploadTimeout="true"
                enableLookups="false"
                maxHttpHeaderSize="8192"
                useBodyEncodingForURI="true"/>


        <Engine name="Standalone" defaultHost="localhost" debug="0">

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
                <Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
                    <Manager pathname="" />
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
                </Context>

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
                </Context>
            </Host>

        </Engine>
    </Service>
</Server>

 

===setenv.sh (I appended the following two lines)===

CATALINA_OPTS="-Dhttp.nonProxyHosts=*.domain.com\|ohsejiradev01.domain.com/confluence\|ohsejiradev01.domain.com/jira\|ohsejiradev01\|localhost\|127.0.0.1 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dhttps.proxyHost=(PROXY IP to OUTSIDE WORLD) -Dhttps.proxyPort=3128 ${CATALINA_OPTS}"

Comment
Watch
Like Be the first to like this
1016 views

1 comment

Shaun S
Shaun S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Apr 06, 2018

Looking at the Tomcat connector for port 8090 I see  proxyport="443" . If you change this to  proxyPort="443" and restart the Confluence service do you see any change in behavior? 

Like
Reply

Comment

Log in or Sign up to comment
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

See all events