It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

What FQDN for a local Confluence Server should be in a self-sign cert for HTTPS?

I have a local Confluence Sever installed. Works fine when accessed using HTTP://localhost:8090.

 

I've followed the guidance for getting HTTPS to work- but it will not work for me!

Seems that the self-signed cert I create needs to have the FQDN specified in the 'CN' part of the KeyPair.

My hostname for my server is "HOMELAPTOP"

What FQDN should I enter in the Cert?

Any help will be much appreciated.

Thanks

 

1 answer

0 votes

You should use the qualified name that you are going to be presenting Confluence on.

If, for example, you want to present it on https://mydomain.net/confluence, the FQDN will be mydomain.net.  Remember that this must be resolvable by DNS as well.

Thanks Nic

Users will be accessing confluence on an explicit iP address of the server on my LAN.

It's the FQDN that seems to be the issue?

That would make the FQDN simply the ip address

Yep, that's what I thought also :-)

 

I'm at my whit's end to get Confluence to do something really mundane such as work over HTTPS.

I've just now tried the laptop hostname in the URL base as:

HTTPS://HOMELAPTOP:8443

Still won't work.

I'm now looking at the Cert itself but struggling to see any issue with it- I set the 'CN' entry as HOMELAPTOP in a new .keystore. makes no difference :-(

If you use a name in a certificate, your network must be able to resolve the name to an IP address, meaning you'll need DNS entries to make it work.

HOMELAPTOP resolves to an IP address on my LAN - all other LAN endpoints can access http://homelaptop:8090/ but not https://homelaptop:8443

I even put an entry in the hosts file to resolve HOMELAPTOP to an IP address bit did not make a difference.

 

As a new user trying out confluence - this is disappointing :-)

This is not actually a Confluence problem.  Confluence itself doesn't do SSL at all, other than accepting "https" in its base url.

It's a function it hands off to the application server that is running it (nowadays, Tomcat is the only option supported), and Tomcat does support internet standards for SSL.

I think you're going to need to do more debugging of the certificates, not Confluence.  The main reason I'm stuck here is that when I follow the docs for self-certification, they do work for me.  Worse, they work when I take the more complicated routes like running it behind a proxy, and then I usually take another step and get a global certificate (i.e. not self-signed) and hook it up to automated renewals and monitoring.

Like Tony Marques likes this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
7.5.2
TAGS
Community showcase
Published in New to Confluence

Fast-track your Confluence onboarding with the Confluence product guides!

Hey there! New in town? Check out the new Confluence product guides! They are chock-full of helpful tips, tricks, and best practices to get you and your team started.  Here’s a quick overview...

82 views 3 1
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you