Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

HTTPS

Rafal Niznik
Rafal Niznik
Contributor
August 20, 2017

Hi All

Confluence is new to me but currently I want to setup SSL 

I follow all instruction I found but still have some issues running over SSL

Can anyone advice and provide basic step-by-step guide?

I'm runnning confluence under Debian box

 

Regards

Raf

Answer
Watch
Like Be the first to like this
1112 views

2 answers

2 accepted

2 votes
Answer accepted
noamdah
noamdah
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 21, 2017

Run on application server:

openssl genrsa -out confKey.key 2048 -sha256


openssl req -new -key confKey.key -out confReq.csr

 

Send confReq.csr to CA

Take caReply.cer to server

 

openssl pkcs12 -export -out key.pfx -inkey confKey.key -in caReply.cer


keytool -importkeystore -srckeystore key.pfx -srcstoretype pkcs12 -destkeystore myKey.jks -deststoretype JKS


On server.xml file:

<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="changeit" keystoreFile="/path/to/myKey.jks"/>


Restart confluence

Change base url

Reply
0 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 20, 2017

You'll need to decide on what route you want to take first.  You can either try to run Confluence's Tomcat with SSL, or take the recommended route of setting up a simple reverse proxy that handles all the SSL stuff.  (There are other routes, but these are more than a little unusual, and I'm only really familiar with the 97% of cases that go with a proxy).

Do you have a preference?  If so, and it's a proxy, which web server would you choose as the proxy?  (Nginx, Apache, Lighttpd etc)

View More Comments
Rafal Niznik
Rafal Niznik
Contributor
August 21, 2017

currently I use Sophos XG firewall that has option to protect webservers but not really sure hot to set this up

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 21, 2017

That's nothing to do with SSL or proxies.  Although you may have to configure it to allow traffic on the port you want to run on.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.