Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

HTTPS

Rafal Niznik
Rafal Niznik Aug 20, 2017

Hi All

Confluence is new to me but currently I want to setup SSL 

I follow all instruction I found but still have some issues running over SSL

Can anyone advice and provide basic step-by-step guide?

I'm runnning confluence under Debian box

 

Regards

Raf

Answer
Watch
Like Be the first to like this

2 answers

1 vote
Noam Dahan
Noam Dahan Aug 21, 2017

Run on application server:

openssl genrsa -out confKey.key 2048 -sha256


openssl req -new -key confKey.key -out confReq.csr

 

Send confReq.csr to CA

Take caReply.cer to server

 

openssl pkcs12 -export -out key.pfx -inkey confKey.key -in caReply.cer


keytool -importkeystore -srckeystore key.pfx -srcstoretype pkcs12 -destkeystore myKey.jks -deststoretype JKS


On server.xml file:

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="changeit" keystoreFile="/path/to/myKey.jks"/>


Restart confluence

Change base url

Reply
0 votes
Nic Brough [Adaptavist]
Nic Brough [Adaptavist] Community Champion Aug 20, 2017

You'll need to decide on what route you want to take first.  You can either try to run Confluence's Tomcat with SSL, or take the recommended route of setting up a simple reverse proxy that handles all the SSL stuff.  (There are other routes, but these are more than a little unusual, and I'm only really familiar with the 97% of cases that go with a proxy).

Do you have a preference?  If so, and it's a proxy, which web server would you choose as the proxy?  (Nginx, Apache, Lighttpd etc)

View More Comments
Rafal Niznik
Rafal Niznik Aug 21, 2017

currently I use Sophos XG firewall that has option to protect webservers but not really sure hot to set this up

Like
Nic Brough [Adaptavist]
Nic Brough [Adaptavist] Community Champion Aug 21, 2017

That's nothing to do with SSL or proxies.  Although you may have to configure it to allow traffic on the port you want to run on.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
Elaine Hankins
Elaine Hankins
Posted Monday in Confluence

Organizing your space just got easier - Page Tree Drag & Drop is here

Hi Community! I’m Elaine, Confluence Product Manager. You may have read my earlier post about page tree in space navigation sidebar. I'm excited to share another improvement that helps you organize ...

77 views 3 3
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you