It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Confluence Update

Deleted user Apr 14, 2020

Hello Support,

 

we tried to update our Confluence to the recent Version. The Upgrade works but the Access to our Confluence trough SSL is still not working anymore.

We need your assistance. We think the Problem is the "C:\Program Files\Atlassian\Confluence\conf\server.xml" and the "C:\Program Files\Atlassian\Confluence\confluence\WEB-INF\web.xml".

But we still cant find the Issue.

Thanks.

 

MR. Andreas Neugum isnt more in our company. Im the new Administrator. You can contact me with Daniele.Titone@phorn.de or +49707170041104

1 answer

Hallo Daniele Titone,

Um die Confluence mit SSL betreiben zu können, müssen einige Einträge in der .../conf/server.xml geändert werden:

Öffnen des Bereichs:

HTTPS - Direct connector with no proxy, for unproxied HTTPS access to Confluence.


 <Connector port="8443" maxHttpHeaderSize="8192"
                  MaxThreads="150" minSpareThreads="25"
                  protocol="org.apache.coyote.http11.Http11NioProtocol"
                  enableLookups="false" disableUploadTimeout="true"
                  acceptCount="100" scheme="https" secure="true"
                  clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" SSLEnabled="true"
                  URIEncoding="UTF-8"  
                  keystoreType="PKCS12"
                  keystoreFile="/Pfad zur Keystore-Datei" 
                  keystorePass="Passwort der Keystore Datei falls vergeben"/>

Falls nicht im Format PKCS12 betrieben wird dann diesen Eintrag weg lassen.
Der Pfad zum keystoreFile ist aber nachzutragen. 

Falls Connector port geändert wurde, wie hier in 8443, dann diesen auch im Default Bereich ändern unter redirectPort=8443 

==============================================================================================================
        DEFAULT - Direct connector with no proxy, for unproxied HTTP access to Confluence.

        If using a http/https proxy, comment out this connector.
        ==============================================================================================================

       <Connector port="8090" connectionTimeout="20000" redirectPort="8443"
                  MaxThreads="60" minSpareThreads="10"
                  enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
                  protocol="org.apache.coyote.http11.Http11NioProtocol"/>

Die aktuelle SSL Keystore Datei sollte natürlich im angegeben Pfad vorhanden sein.

Siehe auch hier:
https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html

 

Wobei ich die Änderungen in der web.xml mal vergessen habe und es geht auch ohne.
Ob es aber ein Sicherheitsproblem gibt kann ich nicht sagen. Also machen.

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Restricted URLs</web-resource-name>
    <url-pattern>/</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

 

hoffe es hilft

Gruß

rp

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

Lessons and Learnings: Six Months of Working Remote [Discussion]

Hey there, folks! For most of us, the past six months- yes, you read that right- have been a journey. More people than ever before have pivoted to working remotely, and navigating being on-scre...

8,411 views 6 6
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you