Synchrony behind Apache 2.4 over SSL does not work?

Timothy Harris January 26, 2017

I have new Confluence 6.0 installed behing apache 2.4.18 running over SSL. When collaborative editing is enabled I cannot edit pages. Just stays there loading. I have followed the instructions provided by atlassian as best I could. Can anyone see what I have done wrong?

The Apache config:

<VirtualHost *:443>
ServerName my.example.dk

ProxyRequests Off

<Proxy *>
Require all granted
</Proxy>

ProxyPass / http://localhost:8090/
ProxyPassReverse / http://localhost:8090/

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/vhhr_signed_cert.crt
SSLCertificateKeyFile /etc/apache2/ssl/privateKey.key
#SSLCertificateChainFile /etc/apache2/ssl/int.cer

<Location />
Require all granted
</Location>

ProxyPass /synchrony http://localhost:8091/synchrony

<Location /synchrony>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]
</Location>

</VirtualHost>

<VirtualHost *:80>
ServerName my.example.dk
Redirect Permanent / https://my.example.dk/
Redirect Permanent /synchrony https://my.example.dk/synchrony
</VirtualHost>

The server.xml file:

<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
proxyName="my.example.dk" proxyPort="443" scheme="https" />

<Engine name="Standalone" defaultHost="localhost" debug="0">

<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname="" />
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
</Context>
</Host>

</Engine>

<!--

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
-->
</Service>
</Server>

Note I have change the actual url to "my.example.dk"

3 answers

1 accepted

4 votes
Answer accepted
Deleted user January 27, 2017

Hi @Timothy Harris,

Could you check the following link first: https://confluence.atlassian.com/confkb/editor-does-not-load-in-confluence-6-x-due-to-could-not-initialize-class-org-xerial-snappy-snappy-859462192.html

I have a quick look through the httpd.conf settings and I would like you to suggest the following change for virtual host 443

&lt;VirtualHost *:443&gt;
ServerName my.example.dk
ProxyRequests Off
&lt;Proxy *&gt;
	Require all granted
&lt;/Proxy&gt;

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/vhhr_signed_cert.crt
SSLCertificateKeyFile /etc/apache2/ssl/privateKey.key
#SSLCertificateChainFile /etc/apache2/ssl/int.cer
 
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/synchrony
RewriteRule ^/(.*) http://my.example.dk:8090/$1 [P]

&lt;Location /&gt;
	Require all granted
&lt;/Location&gt;

ProxyPass /synchrony http://localhost:8091/synchrony


&lt;Location /synchrony&gt;
	Require all granted
	RewriteEngine on
	RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
	RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
	RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]
&lt;/Location&gt;
&lt;/VirtualHost&gt;
Omid_Roshan-Afshar January 13, 2018

Your recommendation of switching the "ProxyPass /" to a RewriteRule worked for me. Thanks!

0 votes
Fr0zt May 21, 2018

@Timothy Harris have you managed to solve this issue? I am facing a similar problem trying to configure Synchrony over SSL with reverse proxy.

0 votes
Timothy Harris January 30, 2017

What does that rewrite do? Doesn't it just send everything which does not have /synchrony as base to port 8090?

Deleted user January 30, 2017

Yes, is passing all the requests not referring to synchrony, please refer to this documentation:

Using Apache with mod_proxy

 

Craig Day February 14, 2017

Did anyone get this to work? I am also not able to get this to work. With the above modification I can now access Confluence fine. But when trying to edit a page (with Synchrony enabled) I get this error in the browser inspector:

 

failed: Unexpected response code: 500 when trying to access wss://my.domain.com/synchrony/...

 

any ideas? My set up is the same as above. Is there an inherent problem with apache and web sockets?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events