How do we enable Synchrony on Windows Server with SSL?

I'm running the basic Confluence Install, but on a custom port for SSL (and on the same server as JIRA, but each has its own Tomcat and Java instance running). When I try to turn on Synchrony, it just says that it failed to start:

Synchrony problems are preventing people from saving their work
To protect your team's shared drafts, we recommend changing to limited mode while you troubleshoot the problem. Once Synchrony is running again you'll be ready to turn collaborative editing back on.

I have confirmed that port 8091 is open on the firewall, but not sure if that's necessary since Synchrony and Confluence are running on the same computer. 

When I run the troubleshooter, the only line of text that seems applicable says:

SSL issues
Synchrony cannot accept direct HTTPS connections, so you will need to terminate SSL at your reverse proxy or load balancer, or at Tomcat if you are not using a reverse proxy.

What are the steps to do this? Is there a config file that I need to modify? Tomcat installed with Confluence and Synchrony, it's not a technology we use, so I can only follow instructions for this setup, not troubleshoot much beyond them on my own.

Thanks for any help,
Colin

1 answer

0 vote
Josh Steckler Community Champion Jul 14, 2017

The best way to do this would be to put a proxy in front of Confluence. On windows you can do this with IIS. You will need to modify the c:\<installdir>\conf\server.xml file and set up the proxy using these instructions: https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-microsoft-internet-information-services-iis-833931378.html

Josh, thanks for the reply and information. We don't want to run another web server (just the Tomcat needed for Confluence and JIRA) on the server for performance, security, and management simplicity reasons.

Does that basically mean that we can't use the collaborative editing features of Confluence?

Is there really no way to do it through the existing Tomcat server that installed with Confluence?

Thanks again,
Colin

 

Josh Steckler Community Champion Jul 14, 2017

You can use tomcat directly, but I have found that dealing with keystores, and the issues around needing to rewrite non-https users are easier to manage using a proxy, along with better performance. Usually web servers are quicker at resolving SSL than tomcat.

This is the document for using tomcat directly: https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html

 

 

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Apr 13, 2018 in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

380 views 21 10
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you