Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SSL for Confluence - No connection

Hello Community,

 

I have done some reading on the other posts about getting SSL working for Confluence and I am still having the same error - "Page cannot be displayed - remote device or resource won't accept the connection."

I have not adjusted the web.xml (is this step required?), only set the base URL (we have it at http://confluenceuat/confluence and I made it https://confluenceuat/confluence).

Here is my server.xml:

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8"
keystoreFile="D:\Program Files\Atlassian\Confluence\myKeystore.p12" keystorePass="<password>"
keyAlias="myAlias" keystoreType="PKCS12"/>

 

I am using a PKCS12 keystore as you can see by the keystore file and the Type. The cert was signed by our company root CA and we use this same type of cert for our other internal systems. It also has a different alias, which from some other posts shouldn't be an issue if its specified. I have also tried importing the certificate from our .p12 to a .keystore created according to Atlassian Docs with the same result.

 

I have had some errors in my catalina logs such as the key not being read etc, but I've resolved those. Now when I start it up these are the only Warning logs I have:

 

operty [debug] to [0]
13-Nov-2020 11:30:34.433 WARNING [main] org.apache.catalina.startup.SetAllPropertiesRule.begin [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'debug' to '0' did not find a matching property.
13-Nov-2020 11:30:34.464 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Engine] failed to set property [debug] to [0]
13-Nov-2020 11:30:34.464 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Engine/Host] failed to set property [debug] to [0]
13-Nov-2020 11:30:34.480 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Engine/Host/Context] failed to set property [debug] to [0]
13-Nov-2020 11:30:34.496 WARNING [main] org.apache.catalina.core.StandardContext.setPath A context path must either be an empty string or start with a '/' and do not end with a '/'. The path [${confluence.context.path}/synchrony-proxy] does not meet these criteria and has been changed to [/${confluence.context.path}/synchrony-proxy]
13-Nov-2020 11:30:34.496 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Engine/Host/Context] failed to set property [debug] to [0]

and

13-Nov-2020 11:31:50.810 WARNING [Catalina-utility-1] org.apache.catalina.startup.HostConfig.deployDescriptor The path attribute with value [/synchrony-proxy] in deployment descriptor [D:\Program Files\Atlassian\Confluence\conf\Standalone\localhost\synchrony-proxy.xml] has been ignored
13-Nov-2020 11:31:50.810 WARNING [Catalina-utility-1] org.apache.catalina.startup.SetContextPropertiesRule.begin [SetContextPropertiesRule]{Context} Setting property 'debug' to '0' did not find a matching property.

I don't think these are related to my https specific config, though, as I see them even when https isn't enabled / commented out in the server.xml. My INFO logs show the following (and these logs end the catalina.log file after a service restart):

13-Nov-2020 11:31:53.904 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-127.0.0.1-8090"]
13-Nov-2020 11:31:53.919 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-jsse-nio-8443"]
13-Nov-2020 11:31:53.935 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [79,002] milliseconds

No errors that appear to be key-related.

 

I also ran netstat -ab and see TCP [::]:8443 is listening. I'm at a loss now, I'm pretty sure I tried just about everything from the docs and other Community posts. Does anyone see something I missed?

1 answer

1 accepted

0 votes
Answer accepted
Daniel Ebers Community Leader Nov 17, 2020

Hi Brian,

welcome to the Atlassian Community!

Is there by any chance a firewall active?
This could be either the case on the host itself or on your client?
With some probability (if the network is managed) even in between - for example if it is a managed office network environment where you're in.

Can you confirm you can rule a firewall out as a reason?

Cheers,
Daniel

Hi Daniel,

Thank you for the welcome!

We do not have firewalls imposed on the traffic within this "office." Only between other geographic locations or externally. I am using the server Confluence is hosted on and one other server to troubleshoot and test connectivity, and they have no firewalls between them.

Daniel Ebers Community Leader Nov 19, 2020

Do you access using port 443 or 8443 currently?

Have you installed a reverse proxy in front of Confluence?

I am using port 8443.

We have no reverse proxy in front of Confluence or in our internal network.

Daniel Ebers Community Leader Nov 19, 2020

Thanks for clarification.

Debugging by just reading the log output is always something what can be considered hard.

A very interesting part is your statement

I also ran netstat -ab and see TCP [::]:8443 is listening.

Along with your information you are accessing using port 8443.
Also the log files look good.

There is not anything else I could advise right now. It still looks to me the connection is blocked/not possible for any reason while the situation on the server (as per log files) look good.

All similar cases here in Community had other characteristics. A missing certificate (I doubt your case is related to that - you would see errors in the log file), a not-starting application due to missing RAM (also not applying as you have a port opened) or a incompletely installation (also not very likely).

I guess you followed this instruction:
https://confluence.atlassian.com/doc/installing-confluence-on-windows-255362047.html

The next hint - but this is the last idea from just reading the logs would be to ping the machine if it answers as well as to check if you can reach Confluence using the (non-secured) port 8090 from a different machine.
Please note that even if you can the SSL topic needs to be inspected further. It only shows if Confluence would be reachable at all or if other ports are also unreachable.

Confluence does run on http port 8090, it has been running since before I worked here. We also have other applications running on the server like TFS and SSRS.

There may be some conflicting issues because of this exact issue though, and I have no familiarity with how they interact and what impact previous configurations may have on Confluence.

I'm going to file this as a lost cause. Next step will be to migrate Confluence on its own server. We're doing a large migration to Server 2019 anyhow so this will fit right in.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

Announcing Team Calendars in Confluence Data Center

Hi Community! We're thrilled to share that Team Calendars for Confluence is now a built-in feature for Confluence Data Center releases 7.11 and beyond.  A long time favorite,  Team Cale...

78 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you