Converting Confluence 7.15 to use HTTPS and getting a "refused to connect" error. Verified that certificate from CA imported correctly and modified server.xml file to uncomment the HTTPS section and add path to the keystore file and the keystore password. But when running the netstat command: netstat -na | find "8443", nothing returns, so Confluence is not listening on that port although that is the HTTPS port configured in server.xml.
I have restarted the Windows service several time so trying different things.
Is there other configuration required in Confluence that I either missed in the documentation or is not there?
Hi @Joe Roper ,
did u read the following how-to article https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html ?
Fabio
Hi Fabio, yes that is the document that I used for the conversion. I followed the steps but still receive a "Refused to connect" message. My CA is administered by my company internally (not external like Verisign). One thing was that when installing the certificate from my CA, it had an error that said "keytool error: java.lang.Exception: Failed to establish chain from reply". The only way that we (myself and a member of the CA team) found to get the certificate to install was to delete the self-signed one first. He was telling me that we only needed the new certificate that he had generated from my certreq.csr file. What I found strange was that using the netstat command, it doesn't look like Confluence is even listening on port 8443.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Joe Roper ,
port should be 8090 and 443. Do u have a reverse proxy in front of your Confluence?
Fabio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HTTP is 8090. From the conversion documentation, it said to use 8443, I did try 443 with same results. According to the CA team, we do not use any proxy for internal applications, only traffic passing through the firewall to external sites is proxied.
Joe
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Joe Roper ,
try the following configuration in your server.xml file
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" proxyName="YOUR_DOMAIN" proxyPort="443"/>
Fabio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Fabio,
That only worked insofar as allowing Confluence to still use port 8090 in an unsecured mode, but it broke my "Manage Apps" link inside of Confluence. Couldn't reach the Marketplace after the change. Reverted to other config and it fixed that issue. Still not sure why NETSTAT shows that Confluence is not listening on port 8443 even with the config stated in:
https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html
Is the self-signed certificate needed? My support guy said that it was only needed to create the certreq.cer file but could then be removed. My instinct is telling me that he is wrong, needs both the self-signed and the CA certificates.
Thank you for your assistance.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Fabio Racobaldo _Herzum_
Do you have any further assistance, I am still unable to get it to work.
Joe
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.