We have been running confluence 5.6.3 over http. Now we find that we have issues with the Office connector when not running over SSL.
I wanted to test this on our sandbox instance, which has no DNS name, I followed the instructions here: https://confluence.atlassian.com/display/CONF56/Running+Confluence+Over+SSL+or+HTTPS
If I enter the URL like this "https://<IP ADDRESS>:8090 I get an SSL connection error: ERR_SSL_PROTOCOL_ERROR
When I generated the self signed cert I entered the IP Address when asked for "first and last name".
Could this be the problem?
I generated my keypair/cert like this:
keytool -genkeypair -alias tomcat -keyalg RSA -keystore /var/atlassian/atlassian.keystore
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: <REPLACED>:8090
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=<REPLACED>:8090, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? (type "yes" or "no")
[no]: yesEnter key password for <tomcat>:
(RETURN if same as keystore password):
In the above I have replaced my actual IP with "<REPLACED>".
My server.xml looks like this:
<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" URIEncoding="UTF-8" keystorePass="MY_PASSWORD_USED_WHEN_GENERATING_KEYPAIR" keystoreFile="/var/atlassian/atlassian.keystore"/>
HTTPS connection goes to port 8443 and not to 8090. In the document you mentioned look at step 4:
https://<MY_BASE_URL>:8443/
.Did you try to connect to https://<MY_BASE_URL>:8443 ?
I re-read the documentation and cam to the same conclusion. Works now. Thanks for the answer!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
P.S. I have also tried generating the keypair/cert based just on the IP maddress without the port number, which is I am sure the correct way to do this. No difference.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.