It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

AutoSSL (Let's Encrypt) with Confluence over HTTPS

Amit Dhaka Aug 15, 2018

Hello,

I currently have an instance of Confluence Server running on my VPS and I'm trying to get it running over HTTPS, but I'm having a few issues.

Is it possible to use Lets Encrypt with Confluence Server?

The SSL's are not password protected, and I don't think they store .keystore files, or at least none that I can find on my server.

I can access cPanel and WHM over HTTPS on the same domain so I know the domain has an SSL issued, I just can't get it working with Confluence. I've changed the server.xml file and changed the base URL, but https and port 8443 just brings up a "cannot connect" error in the browser. I could be doing something completely wrong though.

Has anyone achieved this? Any help would be greatly appreciated!

Thanks!

1 answer

0 votes
Alexis Robert Community Leader Aug 15, 2018 • edited

Hello @Amit Dhaka

 

there is a good explanation provided here to automate Lets Encrypt certificate renewal for Tomcat.

 

However, this is quite complicated and if it's possible I would rather suggest that you use a Proxy server like Apache to achieve this. 

With certbot it will be very easy, you'll only need to create a vhost file like this:

<VirtualHost *:80>
ServerName confluence.mycompany.com
DocumentRoot /var/www/
ProxyPreserveHost On
ProxyPass /.well-known !
ProxyPass / http://10.0.0.1:8090/
ProxyPassReverse / http://10.0.0.1:8090/
</VirtualHost>

and then use the certbot command to perform the SSL configuration  (it will automatically add certificates and HTTPS to your vhost):

certbot --authenticator webroot --installer apache

If it works fine, you'll need to add a cron job with the "certot renew" command and that's it.

You'll find more info on how to install certbot on your server here.

 

On your confluence instance, you'll only need to add 3 parameters to your conf/server.xml file, int the connector block:

  •  scheme="https"
  • proxyName="confluence.mycompany.com"
  • proxyPort="443"

 

Let me know if this helps, 

 

--Alexis

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Confluence

Confluence CVEs and common questions

Two vulnerabilities have been published for Confluence Server and Data Center recently: March 20, 2019 CVE-2019-3395 / CVE-2019-3396 April 17, 2019 CVE-2019-3398 The goal of this article is...

946 views 0 19
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you