Confluence Server App Won't Connect - Can't Get Secure Connection

Michael Santangelo July 3, 2020

We are running Confluence Server 6.14.3 with a Wildcard Sectigo Certificate.  HTTPS works fine on Desktops and in Mobile Browser.  Connecting with the App on a phone throws the error about can't get a secure connection.

I believe this is because on our mobile devices we are required to install a Securly middleman certificate.

Is there any way to bypass this security check or get it to work with our Securly certificate?

 

3 answers

1 accepted

1 vote
Answer accepted
Michael Santangelo July 27, 2020

We switched from using an Apache Proxy Redirect to using Tomcat JKS for SSL, this has resolved our issue.

 

Thanks to all and Atlassian Support for their assistance.

Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 5, 2020

Thanks for updating this thread with the solution @Michael Santangelo ! 

Like Michael Santangelo likes this
0 votes
Michael Santangelo July 22, 2020

Is it possible that it's because we use an Apache HTTPS redirect instead of a direct HTTPS connector in Tomcat?  I could, with some doing, try that.

Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 22, 2020

Hi @Michael Santangelo ,

I believe the best way to proceed at this point is to check the logs.

Please find the instructions below:

How to access the feature
Log generation can be turned on/off and shared via the "Advanced Settings" panel, this can be accessed by:
  • On one of the login screens (either 'Select Site' or 'Enter Instance URL'), tap 5 times on the top left side. This will take you to the 'Advanced Settings' panel.
  • On "Settings" screen tap 5 times on the top left navigation bar.
  • This will show an "Advanced Settings" row on the screen, tapping on which will take you to the "Advanced Settings" panel.
  • The toggle "Show in Settings" in the "Advanced Settings" panel can be used to update the visibility of the "Advanced Settings" row in the "Settings" screen.
How to generate logs
  • Log out of the app.
  • On one of the login screens (either 'Select Site' or 'Enter Instance URL'), tap 5 times on the top left side. This will take you to the 'Advanced Settings' panel.
  • Turn on 'Enable logging'.
  • Tap 'Done' to return to the login screen.
  • Repeat the login steps that previously resulted in an error. Don't kill the app, as the logs are stored in memory.
  • Return to 'Advanced Settings' (tap 5 times) and then tap 'Share logs'.

 

Let us know what you find in the logs when you get the error or just paste them in your reply (making sure to remove any sensitive data).

 

Cheers,
Dario

Michael Santangelo July 22, 2020

Where am I tapping on the the screen in the App?  I am sitting at the initial login screen, where it says "Confluence" and "Enter your site URL" with a NEXT button and a "Need help finding your site URL?" link... 

I tapped 5 times all along the left side of the screen and nothing at all happens. 

Michael Santangelo July 22, 2020
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 23, 2020

Hi @Michael Santangelo ,

I have created a support request with the Confluence Server team in order to have your issue further investigated: CSP-278104

Please follow-up with the assigned Support Engineer in order to have your issue addressed. 

Also, once done, it would be nice if you can spare some time to paste the solution in here.

 

Cheers,
Dario 

Like Michael Santangelo likes this
Michael Santangelo July 24, 2020

Thanks Dario!  I'll post any solutions that we find.

Like Dario B likes this
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 24, 2020

You are very welcome @Michael Santangelo ! :) 

Have a nice weekend,

Dario

0 votes
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 9, 2020

Hi Michael,

In below KB article you should find everything you need to fix your issue:

 

For further details you might also want to check:

 

I hope this helps.

 

Cheers,
Dario

Michael Santangelo July 9, 2020

I did see this article before I posted.  It wasn't very helpful...

The certificate we have is not self signed.

The CA is trusted, as is the Securly add-in certificate.  They've both been installed as part of MDM.

There are no missing intermediate certificates.

HTTPS is enabled and TLS1.2 is OK on the Apache proxy. 

I thought it had to do with the Securly add-in certificate but I removed it as a test and it still doesn't work. 

 

Is there some sort of app Error Log so I can get a more useful error message to check?

Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 17, 2020

Hi @Michael Santangelo ,

So, if I understand correctly:

  • Your certificate is not self signed but from a trusted CA
  • You are able to connect using HTTPS successfully from normal browsers
  • The only thing not working is the mobile app

 

If this is correct, can you kindly let me know:

  1. if you are using the mobile app on an apple device. In that case you might want to check if your certificate is meeting new security requirements in iOS 13
  2. If you are using Confluece Server or Data Center

 

Cheers,
Dario

Michael Santangelo July 20, 2020

You understand correctly.  Please see the attached screenshot from Chrome on a Desktop.

Confluence.png

All users attempting to connect to Confluence via mobiles are using Android phones.  After typing in confluence.chatham-nj.org at the app screen all we get is:

Screenshot_20200720-100823_Confluence.jpg

We are using Confluence Server, self-hosted, version 6.14.3.

Michael Santangelo July 20, 2020

If I attempt to login to Confluence via Chrome on an Android device: it works.  Just the mobile app does not work.

Michael Santangelo July 20, 2020

My previous reply seems to have gone missing.

1) The certificate is not self-signed, it's a wildcard certificate signed by Sectigo. 

2) We are able to connect via browsers on both mobile (Android) and desktop (Windows) - both in Chrome.

3) We are not using any Apple devices.  Only Windows desktops/laptops, Chromebooks and Android mobiles.

4) We are using Confluence server, self-hosted, version 6.14.3.

Confluence.png

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
6.14.3
TAGS
AUG Leaders

Atlassian Community Events