Confluence 6 running over SSL or HTTPS-notes and problem resolution

Source: Internet
Author: User
Tags knowledge base java se

Note
    • background information When creating a certificate: The " keytool -genkeypair command creates a key pair, including the public key and the associated private key, and then stores it in KeyStore. This command packages the public key to the V3 self-signed certificate, and is stored as a single element in the certificate chain. The certificate chain and the private key are stored as a new KeyStore instance at the same time. is identified by the alias you specify on the command line. The Java SE documentation can help you better use this tool.

  • Custom SSL Port : If you modify the default port (8443) for which your SSL connector is running, you must update the properties of the callout HTTPS connection to redirectPort map to the new SSL port. Tomcat needs this information to know that it should redirect to that port for access HTTPS.

  • multiple instances of the same host : When you have multiple instances running on the same host, it is important to determine the address, which is defined in the <CONFLUENCE_INSTALLATION>/conf/server.xml file, and the default connector will list all available network interfaces . Therefore, specifying an address will prevent conflicts between connectors running in the same port in the same host. Refer to the TOMCAT Connector documentation for more information about address properties: https://tomcat.apache.org/tomcat-8.0-doc/config/http.html

    <Connector port="8443" address="your.confluence.url.com"maxHttpHeaderSize="8192"  maxThreads="150" minSpareThreads="25" maxSpareThreads="75"  enableLookups="false" disableUploadTimeout="true"  acceptCount="100" scheme="https" secure="true"  clientAuth="false" sslProtocol="TLS" SSLEnabled="true"  URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"  keystoreFile="<MY_CERTIFICATE_LOCATION>"/>
    • HTTPS must be configured at your full site : HTTPS cannot encrypt only a separate page or space.

    • before you upgrade to confluence : Record your changes server.xml and web.xml files. Once each upgrade is complete, you will need to reconfigure the configuration files that you have modified. It is best to add it manually instead of copying and pasting the entire file.

Problem solving
    • Refer to the articles in the Confluence Knowledge Base for troubleshooting SSL.

    • For an issue where Internet Explorer cannot download attachments , applying SSL throughout the site may cause IE to not download the attachment correctly. To fix this problem, edit <CONFLUENCE_INSTALLATION>/conf/server.xml  and then add the following line to the <Context ... /> element:

      <Valve className="org.apache.catalina.authenticator.NonLoginAuthenticator"       disableProxyCaching="true"securePagesWithPragma="false"/>

Https://www.cwiki.us/display/CONF6ZH/Running+Confluence+Over+SSL+or+HTTPS


Confluence 6 running over SSL or HTTPS-remarks and problem resolution

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.