Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Securing Crowd With SSL Proxy

Shannon Harvey December 22, 2020

hello all,

I am attempting to secure crowd using apache and a reverse proxy. I have setup all of the components in terms of placing the certificate files in their proper location, modifying the server.xml file to reflect the name of the server and the location of the certs. when browsing to the site via https I get the following message, can anyone here provide some context into what may be going on here and what i can do to resolve this error, all services appear to be running without incident and all of the log files look good so I'm stumped.

ERR_SSL_PROTOCOL_ERROR and will say that the domain sent an invalid response.

This site can’t provide a secure connection.

1 answer

0 votes
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 22, 2020

Hi @Shannon Harvey ,

First things first, I'd check the the time on your local machine to make sure your clock is showing the correct time and set to automatically update itself. There are a few configurations (especially with OCSP stapling) where having the time off on your local workstation by a couple minutes can cause errors like this.

After that, I'd look into what ciphers are enabled. Can you provide the portions of your Apache configuration file that you used to create the reverse proxy? Inside that virtualhost there may be a SSLCipherSuite directive - or potentially it's at a higher level. One possibility is that this directive only has options enabled that your browser doesn't support (so we'd need to change which ciphers are on).

Are there other applications running through the same Apache instance which work? That can also scope the issue down to the VirtualHost for Crowd. At any rate - seeing the Apache configuration will help!


Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events