Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Tomcat config is incorrect Edited

After our linux administrator installed an SSL certificate he is currently receiving the following Tomcat config is incorrect error:

tomcat_error.PNG

He stated he followed the troubleshooting article at https://confluence.atlassian.com/confkb/can-t-check-base-url-warning-in-confluence-6-6-or-later-939718433.html and verified the settings are correct. Most likely this is due to the article being dated. Below is the server.xml file:

<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<!--
==============================================================================================================
DEFAULT - Direct connector with no proxy, for unproxied HTTP access to Confluence.

If using a http/https proxy, comment out this connector.
==============================================================================================================
-->
<!--
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"/>
-->
<!--
==============================================================================================================
HTTP - Proxying Confluence via Apache or Nginx over HTTP

If you're proxying traffic to Confluence over HTTP, uncomment the connector below and comment out the others.
Make sure you provide the right information for proxyName and proxyPort.

For more information see:
Apache - https://confluence.atlassian.com/x/4xQLM
nginx - https://confluence.atlassian.com/x/TgSvEg

==============================================================================================================
-->

<!--
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="http" proxyName="confluence.site.com" proxyPort="80"/>
-->

<!--
==============================================================================================================
HTTPS - Direct connector with no proxy, for unproxied HTTPS access to Confluence.

For more info see https://confluence.atlassian.com/x/s3UC
==============================================================================================================
-->

<!--
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11Nio2Protocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
-->

<!--
==============================================================================================================
HTTPS - Proxying Confluence via Apache or Nginx over HTTPS

If you're proxying traffic to Confluence over HTTPS, uncomment the connector below and comment out the others.
Make sure you provide the right information for proxyName and proxyPort.

For more information see:
Apache - https://confluence.atlassian.com/x/PTT3MQ
nginx - https://confluence.atlassian.com/x/cNIvMw
==============================================================================================================
-->


<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" secure="true" proxyName="confluence.site.com" proxyPort="443"/>


<Engine name="Standalone" defaultHost="localhost" debug="0">
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname=""/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
</Context>

<Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0"
reloadable="false" useHttpOnly="true">
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
</Context>
</Host>
</Engine>
</Service>
</Server>

Also, here is the nginx.conf file:

server {
listen confluence.site.com:80;
server_name confluence.site.com;

listen 443 default ssl;
ssl_certificate /etc/ssl/private/confluence.site.com.crt;
ssl_certificate_key /etc/ssl/private/confluence.site.com.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;

location / {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8090;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}

 

1 answer

I think that connector definition looks right. (*assuming you replaced confluence.site.com with your sitename referenced in the screenshot. Else you have the wrong file)

I'd start with your nginx file.

split your server blocks so that the 80 redirects to the 443

server {
listen 80;
server_name confluence confluence.site.com;
return 301 https://confluence.site.com$request_uri;
}

# HTTPS server
#
server {
listen 443 ssl;
server_name confluence confluence.site.com;

Hello Andrew,

Thanks for the suggestions; however, the solution did not work. We did replace confluence.site.com with our site name and tried your recommendation. Do you have another recommendation?

you updated the nginx file or the server.xml file?

Start with the server.xml file. Make sure the line

scheme="https" secure="true" proxyName="confluence.site.com" proxyPort="443"/>

is changed to

scheme="https" secure="true" proxyName="confluence.gazette.com" proxyPort="443"/>

The nginx.conf file was updated.

We verified within server.xml file that the format is set to:

scheme="https" secure="true" proxyName="confluence.gazette.com" proxyPort="443"/>

Hello Andrew,

Are you still able to help me with this issue? If not, do you know how I can disable the URL base checking as the article suggests? I tried looking for the addon option when clicking the cog in Confluence and it is not there.

So you updated the line in your server.xml (in the correct uncommented section), and restarted confluence and you are still getting the exact same error?  Can you repost your server.xml file with the corrections, since the one above is not correct.

Hello! I have a problem, too. a string in the server.xml
scheme= "https" secure= "true" proxyName="atl.mysite.su" proxy Port= "443"/>

Mistake
Tomcat config is incorrect

The Tomcat server.xml has an incorrect configuration:
the scheme should be 'https'
proxy Name should be 'atl.mysite.su'
proxyPort should be '443'

There is no nginx httpd configuration file

Confluence 6.9.1

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

302 views 23 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you