It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Getting confluence setup with a reverse apache proxy

Hi everyone, I would really appreciate any help that can be offered. I am experiencing several problems right now that I believe can all be traced back to the reverse proxy setup, but I am unsure where the issue is.

The issues are:

A warning that the base url cannot be checked.

AD Synchronization fails with "The following URL does not specify a valid Crowd User Management REST service".

I cannot update the license key from the GUI.

 

===Apache Configuration===
<VirtualHost *:443>
ServerName ohsejiradev01.domain.com

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on

SSLProtocol all -SSLv2

SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
SSLHonorCipherOrder     on

SSLCertificateFile (Verified to exist)

SSLCertificateKeyFile (Verified to exist)


<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

#   SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

#   Per-Server Logging:
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

RedirectMatch ^/$ https://ohsejiradev01.domain.com/jira
# JIRA Proxy Configuration:
<Proxy *>
        Require all granted
</Proxy>

SSLProxyEngine          On
ProxyRequests           Off
ProxyPreserveHost       On

ProxyPass /synchrony http://ohsejiradev01.domain.com:8091/synchrony
<Location /synchrony>
    Require all granted
    RewriteEngine on
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
    RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
    RewriteRule .* ws://<domain>:8091%{REQUEST_URI} [P]
</Location>

ProxyPass               /jira       http://ohsejiradev01.domain.com:8080/jira
ProxyPassReverse        /jira       http://ohsejiradev01.domain.com:8080/jira
<Location /jira>
    Require all granted
</Location>

ProxyPass /confluence http://ohsejiradev01.domain.com:8090/confluence
ProxyPassReverse /confluence http://ohsejiradev01.domain.com:8090/confluence
<Location /confluence>
    Require all granted
</Location>

</VirtualHost>

###HTTP###
<VirtualHost *:80>
    ServerName ohsejiradev01.domain.com
    Redirect Permanent /  https://ohsejiradev01.domain.com/jira
    Redirect Permanent /jira  https://ohsejiradev01.domain.com/jira
    Redirect Permanent /confluence  https://ohsejiradev01.domain.com/confluence
    Redirect Permanent /synchrony   https://ohsejiradev01.domain.com/synchrony
</VirtualHost>

 

===server.xml===

<Server port="8000" shutdown="SHUTDOWN" debug="0">
    <Service name="Tomcat-Standalone">
        <Connector proxyName="ohsejiradev01.domain.com"
                scheme="https" secure="true"
                proxyport="443"
                port="8090" redirectPort="8443"
                minSpareThreads="10" maxThreads="48"
                acceptCount="100"
                debug="0"
                connectionTimeout="20000"
                disableUploadTimeout="true"
                enableLookups="false"
                maxHttpHeaderSize="8192"
                URIEncoding="UTF-8"
                protocol="HTTP/1.1" />

                <Connector protocol="HTTP/1.1"
                port="8091" redirectPort="8443"
                minSpareThreads="25" maxThreads="150"
                acceptCount="100"
                connectionTimeout="20000"
                disableUploadTimeout="true"
                enableLookups="false"
                maxHttpHeaderSize="8192"
                useBodyEncodingForURI="true"/>


        <Engine name="Standalone" defaultHost="localhost" debug="0">

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
                <Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
                    <Manager pathname="" />
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
                </Context>

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
                </Context>
            </Host>

        </Engine>
    </Service>
</Server>

 

===setenv.sh (I appended the following two lines)===

CATALINA_OPTS="-Dhttp.nonProxyHosts=*.domain.com\|ohsejiradev01.domain.com/confluence\|ohsejiradev01.domain.com/jira\|ohsejiradev01\|localhost\|127.0.0.1 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dhttps.proxyHost=(PROXY IP to OUTSIDE WORLD) -Dhttps.proxyPort=3128 ${CATALINA_OPTS}"

1 comment

Shaun S Atlassian Team Apr 06, 2018

Looking at the Tomcat connector for port 8090 I see  proxyport="443" . If you change this to  proxyPort="443" and restart the Confluence service do you see any change in behavior? 

Comment

Log in or Sign up to comment
TAGS
Community showcase
Posted in Confluence

How is your team having fun and bonding, remotely, utilizing Confluence?

Thanks everyone for answering last week’s question. The winner of the random drawing from those who commented is: @LarryBrock I’ll contact you separately with your prize details. This wee...

294 views 9 7
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you