Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

HTTPS

Rafal Niznik
Rafal Niznik Aug 20, 2017

Hi All

Confluence is new to me but currently I want to setup SSL 

I follow all instruction I found but still have some issues running over SSL

Can anyone advice and provide basic step-by-step guide?

I'm runnning confluence under Debian box

 

Regards

Raf

Answer
Watch
Like Be the first to like this

2 answers

1 vote
Noam Dahan
Noam Dahan Aug 21, 2017

Run on application server:

openssl genrsa -out confKey.key 2048 -sha256


openssl req -new -key confKey.key -out confReq.csr

 

Send confReq.csr to CA

Take caReply.cer to server

 

openssl pkcs12 -export -out key.pfx -inkey confKey.key -in caReply.cer


keytool -importkeystore -srckeystore key.pfx -srcstoretype pkcs12 -destkeystore myKey.jks -deststoretype JKS


On server.xml file:

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="changeit" keystoreFile="/path/to/myKey.jks"/>


Restart confluence

Change base url

Reply
0 vote
Nic Brough [Adaptavist]
Nic Brough [Adaptavist] Community Champion Aug 20, 2017

You'll need to decide on what route you want to take first.  You can either try to run Confluence's Tomcat with SSL, or take the recommended route of setting up a simple reverse proxy that handles all the SSL stuff.  (There are other routes, but these are more than a little unusual, and I'm only really familiar with the 97% of cases that go with a proxy).

Do you have a preference?  If so, and it's a proxy, which web server would you choose as the proxy?  (Nginx, Apache, Lighttpd etc)

View More Comments
Rafal Niznik
Rafal Niznik Aug 21, 2017

currently I use Sophos XG firewall that has option to protect webservers but not really sure hot to set this up

Nic Brough [Adaptavist]
Nic Brough [Adaptavist] Community Champion Aug 21, 2017

That's nothing to do with SSL or proxies.  Although you may have to configure it to allow traffic on the port you want to run on.

Reply

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Jessica Lynn
Jessica Lynn
Posted Tuesday in Confluence

We want to see the templates you've created in Confluence!

Hi Community, Jessica here from the Confluence Product Marketing team!  July’s community challenge is all about sharing pictures  — and as an extension of our first post on what ...

424 views 18 9
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you