Running confluence over SSL - not working

Hi,

I did type a very long answer in here and it posted because I saw the confirmation, but I see that it seems to have not made it in :-(  I will try to remember it all.

Firstly, thanks for the offer of help and the promise of excellent service.

We are running Jira and Confluence on the same server as it is a VM and we can throw a load of hardware at it. Also, one of our staff said they had both systems running on the same server in a previous role and here it is OK with the exception of the SSL in Confluence.

Using "netstat -a -b" I can see that tomcat is listening on the right ports:

TCP 0.0.0.0:8080 servername:0 LISTENING
[tomcat8.exe.x64]     <-- this is jira on http
TCP 0.0.0.0:8090 servername:0 LISTENING
[tomcat9.exe]     <-- this is confluence on http
TCP 0.0.0.0:8091 servername:0 LISTENING
[java.exe]
TCP 0.0.0.0:8443 servername:0 LISTENING
[tomcat8.exe.x64]     <-- this is jira on https
TCP 0.0.0.0:8444 servername:0 LISTENING
[tomcat9.exe]     <-- this is confluence on https

The server.xml has the following entries un-commented about connectors:

<Connector port="8090" connectionTimeout="20000" redirectPort="8444"
 maxThreads="48" minSpareThreads="10"
 enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
 protocol="org.apache.coyote.http11.Http11NioProtocol"/>

<Connector port="8444" maxHttpHeaderSize="8192"
 maxThreads="150" minSpareThreads="25"
 protocol="org.apache.coyote.http11.Http11Nio2Protocol"
 enableLookups="false" disableUploadTimeout="true"
 acceptCount="100" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" SSLEnabled="true"
 URIEncoding="UTF-8" keystorePass="password" keystorefile="drive:\folder\confluence.jks"/>

I cannot use SSL Server Test as this server isn't externally accessible - it is on our corporate network. Are there any internally running tools you could recommend? Surehly though, the app woudl have to response with something to test the certificate.

Confluence creates lots of logs - which ones can I look into see the underlying error (if any?)

Also I should have said (but I don't think it is a contributing factor) but we are using a CNAME to access confluence, rather than the server name. e.g. the users will type in something like https://confluence:8444 rather than https://unmemorableservernamethatconfusestheusers:8444

We do this a lot and it works with Jira. I say I don't think it contributes as:

1. the CNAME works when using http://confluence:8090
2. nothing is shown when browsing https://servername:8444 and usually the page would load, but a certificate error would be displayed.

I hope this helps and I look forward to your answer!

Thanks

Mark

Hi Mark!

Don't worry about the support for Starter Licenses! I'm not sure if you are aware, but there's a support team here on Community, and we all used to work on the support portal before we moved here. The support is the same quality, and if we need to obtain the Support Zip from you, we can open a case to do that.

In terms of your issue, would you be able to have a look at your server logs as well as having a peek in your Developer Tools console? It should give us some clue as to why it's not loading.

Another test I would recommend is entering your URL into this SSL Server Test. Sometimes this can let you know if there's an issue with your SSL certificate that you may not be aware of.

Finally, as Kian mentioned, make sure port 8444 is open, and that you have updated the connector in server.xml accordingly.

Feel free to share with us your settings so we can have a look and make sure everything is set up properly.

Regards,

Shannon

Typically you'd want to run Confluence and Jira on separate machines to avoid any port issues and to dedicate the correct resources to each machine.

As for why you can't get it working, there could be different issues at play here. 

1) Did you validate that the server.xml has been changed to 8444?

2) Have you validated that 8444 is open?