How to make Confluence available via Apache

Hi All,

I am using confluence 5.2.5 on Linux machine. I have installed confluence but when i try to view through browser using port 8090. it is not working as we have firewall blocked that port. Now i would like to connect Confluence via 80 port.

 

Can any one please provide me steps to connect Confluence via apache. what all enties i am supposed to make.

 

Thank you,

 

4 answers

1 accepted

Here a detailed description about setting up Apache with SSL (HTTPS) 

Configuration

Client Browser -> HTTPS/SSL -> Apache Proxy -> AJP -> Tomcat (JIRA)

In this HowTo we configure apache to run as a proxy. The client has a secure connection with the Apache proxy and then through AJP protocol it communicates with Tomcat(e.g. Jira, Confluence, etc.) 

Install Apache Web Server

Install Apache HTTP Server with yum

 

[root@localhost ~]# yum install httpd

 

Set the httpd service to start on boot:

 

[root@localhost ~]# chkconfig --levels 235 httpd on

 

IF YOU WANT TO TEST HTTPD enable the name-based virtual hosting on port 80

  • Open the httpd configuration file located at /etc/httpd/conf/httpd.conf
  • Un-comment the line containing the text NameVirtualHost *:80
  • Save the file
  • Restart the Apache HTTP Server daemon with command "service httpd restart"
    Note: Ignore the "NameVirtualHost *:80 has no VirtualHosts" warning for now.
  • Visit localhost in your web browser.  You should see an Apache Test Page.

Install mod_SSL (JIRA configuration later along with JIRA installation)

Install mod_ssl with yum

 

[root@localhost ~]# yum install mod_ssl

 

 

Connecting Apache with JIRA Tomcat using AJP.

First the AJP connector must be enabled in JIRA Tomcat. Go to <JIRA_INSTALL>/conf/server.xml. Uncomment the connector which uses the AJP protocol. Should be like this:

 

 

<Connector port="8009" address="127.0.0.1" redirectPort="8443" enableLookups="false" protocol="AJP/1.3" URIEncoding="UTF-8"/>

 

Make sure sure u also add address="127.0.0.1" to the connector. This way tomcat connector will accept requests only from localhost

Configure Apache with SSL

Now we need to create the Virtual Host in our Apache server, which serves as a proxy, that will handle the https requests. Remove the default ssl.conf and create a *.conf file under /etc/httpd/conf.d and insert:

 

 

# Redirect all traffic from port 80 to 443 for security reasons
NameVirtualHost *:80
<VirtualHost *:80>
   ServerName "example.yourdomain.com"
   Redirect permanent / https://example.yourdomain.com/
</VirtualHost>
 
LoadModule ssl_module modules/mod_ssl.so
Listen 443
 
 
 
NameVirtualHost "Server_IP":443
  
<VirtualHost "Server_IP":443>
ServerName example.yourdomain.com
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
CustomLog /var/log/httpd/jira_ssl_fullaccess.log combined
ErrorLog /var/log/httpd/jira_ssl_error.log
  
SSLEngine on
  
SSLProtocol all -SSLv2
  
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
  
  
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
  
</VirtualHost>

 

Make sure to change the SERVER_IP to the IP of the virtual machine that JIRA is being installed. Also change the ServerName to the appropriate value.

After all the changes restart the httpd service!


Hi @Alexander Penev [ByteSource] I have tried using above Steps but still problem exist. I went through Confluence Logs but it shows server startup in 600 ms. I guess there is config problem between Apache and Confluence web server. Can you please let me know where should i look at and troubleshoot.

You have already shown that Confluence is running, so the problem is with Apache. You should therefore read the Apache logs to find out what it is doing. It is quite difficult for us to help you when you don't tell us what you are doing differently from the standard documentation or what you've been shown. "I tried using above steps but still problem exist" means either that you have broken something else or you have not followed the instructions, but you have not told us what.

@Nic Brough [Adaptavist] @Alexander Penev [ByteSource] : It’s just a config problem between Apache and Confluence web server. Please let me know which all log files would you like to have i can provide with. Thank You, Akash

Um. 1. Try to get it working without AJP first. Most users do not have a need for AJP, and the config without it is easier 2. Where did you get that virtualhost from? It looks like guesswork instead of the proxy pass you actually need. Please, try to follow the documentation, that is known to work - get that right and then move away from it, otherwise there's no way we'll be able to focus on the actual problems you have.

@AKASH BHARDWAJ show me first the ira_ssl_fullaccess.log and jira_ssl_error.log What error do you get in the browser ?

@Alexander Penev [ByteSource] : Hi Alexander, I am using Confluence not JIRA, so can you please let me know what files am i supposed to produce for you. Thank You, Akash

In my post I describe how to set up apache: {noformat} <VirtualHost "Server_IP":443> ServerName example.yourdomain.com ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ CustomLog /var/log/httpd/jira_ssl_fullaccess.log combined ErrorLog /var/log/httpd/jira_ssl_error.log {noformat} So please show me what is in the logs defined above

Note that Akash's virtualhost in Apache completely ignores all the documentation and your posting - I've no idea why we're being ignored there. Akash - it's worth getting this correct and re-trying before looking at the logs, please fix your apache config before proceeding.

@Nic Brough [Adaptavist] : Hi Nic, Thank you so much for you effort that you are putting to resolve this issue. Really appreciated. I have started over all again, Now what i can see is Apache is doing good now. I can access a Test Page over browser using IP of my server and i can see Tet Page opens. Now as i need to only have to work on httpd conf file to make my Confluence server use 8080 port. I have made entry in iptable file too. whenever i make any changes for eg: inserting virtualhost and other parameters it fails again. Can you please let me know how should i proceed ahead. Either follow the above Steps again which Alexander mentioned or something different would do a trick to me. I am sure this is all httpd.conf error that i am facing and not able to run my confluence behind apache. Thank You, Akash

What does your virtualhost say now? Have you actually used one that's in the documentation or here?

I'm not sure you should be using "touch" if you're not sure how to use it. when used with a wildcard, it's NEVER going to create anything.

@Alexander Penev [ByteSource] : Hi Alexander, Can you please let me know when i try creating a file by "touch *.conf", no file is created, Instead there is default file notrace.conf it opens. Can you please let me know where i am going wrong.NameVirtualHost *:80. Installed mod_ssl. @Nic Brough [Adaptavist] : Hi Nic i have just uncommented the line as per Alexander suggested i.e

"touch *.conf" will change the date/time stamp on all files named <something>.conf. It will not create a new file. If you want to create a new file, you have to give touch a *new* file name to work with. I don't know what you have commented or uncommented here - could you please tell us what you have for your <virtualhost>? The one you had earlier was useless and I don't know where you might have pulled it from because it's not in any of the docs you should have been following. The oe Alexander has posted should work ok if you have ajp enabled correctly in Confluence/Tomcat.

@Nic Brough [Adaptavist] : Hi Nic, I can finally access my Site through HTTPS, Thank you for your support and all effort to reach goal. I was all going wrong with Virtual Host parameter. I followed Alexander Steps and tried again and it did magic. @Alexander Penev [ByteSource] : Hi Alexnader, Thank You very much, i was all messed up with Port configurations. I have finally reach to Confluence setup page over my browser. Thank you for your steps it did great magic. Thank you, Akash

Edit a config file in confluence-app/conf/server.xml. There is connector and change this port. In apache config (httpd.conf) set to listening to port 80.

0 votes

This is a result of the question you asked before, where there is more information https://answers.atlassian.com/questions/9880654

@Nic Brough [Adaptavist] Hi Nic, Thank you !!

@TtheB : i have followed above links and made changes over /etc/httpd/conf/httpd.conf file. But i am still not able to make my site up. Can you please provide me with more concrete steps or documentation that i should follow to over come this issue. THank You, Akash

It looks like that you have a bad httpd.. There you have: Listen 80 (or the port number where you listen) ServerName your.domain.com (if you havent virtualhost) DocumentRoot locationForYourApp This is main, but there are many important settings. For more try some tutorial like this: http://httpd.apache.org/docs/2.0/misc/tutorials.html And finally check if your service is running :) On which OS you are running?

I am using Linux RHEL 6..

I dont know your skills on that but try to set htppd.conf as i wrote above (better from tutorial what i inserted) and after that run httpd service. Check if htppd running and start service for confluence. Mainly create service for httpd! :) Much easier for using. http://www.techotopia.com/index.php/Configuring_RHEL_6_Runlevels_and_Services

Confluence is running, we were able to get the "setup confluence" by poking it directly on the server. It's the Apache Akash is struggling with. I'm not sure what is actually configured, it would be good to know what's different between the Apache setup on the server and what it suggests at https://confluence.atlassian.com/display/DOC/Running+Confluence+behind+Apache

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Oct 24, 2018 in Confluence

Atlassian Research opportunity with Confluence templates

Do you use templates with Confluence? Take part in a remote 1-hr workshop. You'll receive USD $100 for your time!   We're looking for people to participate in a   remote 1-hr workshop...

1,030 views 15 13
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you