Hi everyone, I would really appreciate any help that can be offered. I am experiencing several problems right now that I believe can all be traced back to the reverse proxy setup, but I am unsure where the issue is.
The issues are:
A warning that the base url cannot be checked.
AD Synchronization fails with "The following URL does not specify a valid Crowd User Management REST service".
I cannot update the license key from the GUI.
===Apache Configuration===
<VirtualHost *:443>
ServerName ohsejiradev01.domain.com
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
SSLHonorCipherOrder on
SSLCertificateFile (Verified to exist)
SSLCertificateKeyFile (Verified to exist)
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RedirectMatch ^/$ https://ohsejiradev01.domain.com/jira
# JIRA Proxy Configuration:
<Proxy *>
Require all granted
</Proxy>
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /synchrony http://ohsejiradev01.domain.com:8091/synchrony
<Location /synchrony>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://<domain>:8091%{REQUEST_URI} [P]
</Location>
ProxyPass /jira http://ohsejiradev01.domain.com:8080/jira
ProxyPassReverse /jira http://ohsejiradev01.domain.com:8080/jira
<Location /jira>
Require all granted
</Location>
ProxyPass /confluence http://ohsejiradev01.domain.com:8090/confluence
ProxyPassReverse /confluence http://ohsejiradev01.domain.com:8090/confluence
<Location /confluence>
Require all granted
</Location>
</VirtualHost>
###HTTP###
<VirtualHost *:80>
ServerName ohsejiradev01.domain.com
Redirect Permanent / https://ohsejiradev01.domain.com/jira
Redirect Permanent /jira https://ohsejiradev01.domain.com/jira
Redirect Permanent /confluence https://ohsejiradev01.domain.com/confluence
Redirect Permanent /synchrony https://ohsejiradev01.domain.com/synchrony
</VirtualHost>
===server.xml===
<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector proxyName="ohsejiradev01.domain.com"
scheme="https" secure="true"
proxyport="443"
port="8090" redirectPort="8443"
minSpareThreads="10" maxThreads="48"
acceptCount="100"
debug="0"
connectionTimeout="20000"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
URIEncoding="UTF-8"
protocol="HTTP/1.1" />
<Connector protocol="HTTP/1.1"
port="8091" redirectPort="8443"
minSpareThreads="25" maxThreads="150"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
useBodyEncodingForURI="true"/>
<Engine name="Standalone" defaultHost="localhost" debug="0">
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname="" />
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
</Context>
<Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
</Context>
</Host>
</Engine>
</Service>
</Server>
===setenv.sh (I appended the following two lines)===
CATALINA_OPTS="-Dhttp.nonProxyHosts=*.domain.com\|ohsejiradev01.domain.com/confluence\|ohsejiradev01.domain.com/jira\|ohsejiradev01\|localhost\|127.0.0.1 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dhttps.proxyHost=(PROXY IP to OUTSIDE WORLD) -Dhttps.proxyPort=3128 ${CATALINA_OPTS}"
Looking at the Tomcat connector for port 8090 I see proxyport="443" . If you change this to proxyPort="443" and restart the Confluence service do you see any change in behavior?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.