Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Warning message "Error in Tomcat configuration" over HTTPS

Marco
Marco July 17, 2020

Hi there,

I'm using Confluence Server on my own VPS for a couple of days now. The installation went fine and I already use it for my projects. 

However, Confluence still complains about an error in the Tomcat configuration (translated from German):

 

   Error in Tomcat configuration

   The Tomcat server.xml file conatins a wrong configuration:

   scheme: should be 'https'
   proxyName: should be ...
   proxyPort should be 443

 

I'm using Confluence on my VPS with Linux (Debian) using Nginx as a reverse proxy. The SSL certificate is provided via Plesk through which I created a subdomain. I also configured Nginx through Plesk with the following:

 

   location / {
     proxy_pass http://localhost:8900/;
     proxy_set_header Upgrade $http_upgrade;
     proxy_set_header Connection upgrade;
     proxy_set_header Accept-Encoding gzip;
   }

  

I can use Confluence as expected over HTTPS except that annoying warning message.

The baseURL is set to https://subdomain.domain.tld.

In my conf/server.xml I uncommented the section for Nginx over HTTPS but still get the warning. No matter what I adjust in the server.xml file. Nothing changes. Before I uncommented the the HTTPS section no connector was configured in the server.xml.

This is why I'm wondering whether there is another file that is used instead of the one in <Installation_DIR>/conf/.

What is it I'm missing. I would expect that changes to the server.xml would either heal the symptoms or ruin the setup completely.

Thanks so much in advance for the advice.

Marco

 

Answer
Watch
Like Be the first to like this
811 views

2 answers

1 accepted

0 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 17, 2020

I suspect you have missed something.  My guess is based on you saying

"Before I uncommented the the HTTPS section no connector was configured in the server.xml."

That is incorrect.  If there are no connectors configured in the server.xml, the Confluence/Tomcat will start, but it will not serve up anything.  The fact you are getting as far as a message that you have an error in your Tomcat config means that there has to be a connector configured there.

So, my guess is that you have uncommented the https Nginx connector, and set it up correctly.  But because you have missed the connector that is there already, that one is still active - Tomcat will use the first connector it finds in the file and ignore any later ones that are set to run on the same port and path.

View More Comments
Marco
Marco July 17, 2020

Hi Nic,

well, indeed my assumption was incorrect that before uncommenting ... 

After taking a minute and looking into the server.xml again (with syntax highlighting this time) the thing became obvious. There was the default connector being active.

After removing it as the comments suggest, restarting the server solved the problem.

Thanks a lot.

Marco

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 17, 2020

I really like editors that do syntax highlighting (except emacs - it does it, but I don't have any inclination to learn the damn thing, I'd rather go get another degree, it'll be easier and faster).  I would have said I love them, but I can't quite go that far when the reason I like them is that they highlight the facts that a) I can't type and b) I make a lot of mistakes.

Glad you managed to find it. 

That server.xml file has been a pain point in my life for 16 years, and yet I still **** up the config in it half the time.   (I have that number now because my company did a lock-down pub quiz today, and one of the questions in the Atlassian round was "when was Confluence released" and I was the only one who got it right, based on the memory of 1.0.1 having a spelling mistake in server.xml in 2004...)

Like Marco likes this
Marco
Marco July 18, 2020

Hi,

and while we're on it ... the same fixed solved my Jira issues.

However, good to know that experience pays off in the end. Being the one who knew the answer is a little return on invest, isn't it?

Marco

Like Nic Brough -Adaptavist- likes this
Reply
0 votes
Joshua Sneed Contegix
Joshua Sneed Contegix
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 17, 2020

Hi mhillebrecht,

There is an issue with the connector port in the server.xml file. There is usually an uncommented connector with an out of the box install that is used by Synchrony. Make sure something like THIS CONNECTOR exists in your server.xml and add the following before restarting:

  • address="<ip>"
  • scheme="https"
  • proxyName="subdomain.domain.tld"
  • proxyPort="443"

You setup is working, mostly. Tomcat is complaining because it wants to know where you're coming from and Collaborative editing (Synchrony) is probably broken. Cheers!

View More Comments
Marco
Marco July 17, 2020

Hi Joshua,

thank you very much for your time. I appreciate that.

I found the issue in the server.xml by checking it thoroughly once again. And uncommented the default connector as the file suggest.

The linked article however states:

Don't remove or comment out the http connector, as the Synchrony proxy health check, still requires HTTP. If you don't want to include the http connector, you can use the synchrony.proxy.healthcheck.disabled system property to disable the health check. 

I'll keep my eyes open if there is this side effect now.

Thank you very much again.

Marco

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
VERSION
7.6.1
TAGS
AUG Leaders

Atlassian Community Events

    See all events