Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Nginx + Confluence + Jira Issue

Nina Limmer
Nina Limmer March 9, 2018

I can not get Confluence and Jira to be served through NGINX. I would appreciate any help on this matter. I have followed several documents now, including atlassians, and configured confluence and NGINX accordingly, however when I change the context path in the confluence configuration as per the documentation, confluence no longer servers/comes up. 

 

 <Context path="/confluence"

results in a 404.

and with the config reverted, nothing forwards through NGINX. I've included the NGINX config below.

# HTTPS server
#
server {
listen 443;
server_name localhost;

ssl on;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/server.pem;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
root /usr/local/www/nginx;
index index.html index.htm;

}

location /jira {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://<ip-of-jira-server>:8443/jira;
proxy_redirect off;
}

location /confluence {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8443/confluence;
proxy_redirect off;
}

 

 

}

 

 

 

 

 

Answer
Watch
Like Be the first to like this
695 views

1 answer

0 votes
James Richards
James Richards
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 12, 2018

Hello Nina,

 

Hmm, is Confluence running on port 8443 on localhost? If you have SSL terminating at nginx, do you need SSL between nginx and Confluence?

What does server.xml have in it - can you post it here?

Can you connect to Confluence directly via URL like

  • http://IPADDRESS:8090/confluence
  • https://IPADDRESS:8443/confluence

Regards, James

View More Comments
Nina Limmer
Nina Limmer March 21, 2018

<Server port="8000" shutdown="SHUTDOWN" debug="0">

    <Service name="Tomcat-Standalone">

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"

           maxThreads="48" minSpareThreads="10"

           enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           />

 

        <Engine name="Standalone" defaultHost="localhost" debug="0">

 

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">

                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->

                    <Manager pathname="" />

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

 

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

            </Host>

 

        </Engine>

 

        <!--

            To run Confluence via HTTPS:

             * Uncomment the Connector below

             * Execute:

                 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)

                 $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA  (Unix)

               with a password value of "changeit" for both the certificate and the keystore itself.

             * Restart and visit https://localhost:8443/

 

             For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS

        -->

        <Connector port="8443" maxHttpHeaderSize="8192"

                   maxThreads="150"

  minSpareThreads="25"

                   protocol="org.apache.coyote.http11.Http11NioProtocol"

                   enableLookups="false"

                   disableUploadTimeout="true"

                   acceptCount="100"

  scheme="https"

  secure="true"

                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"

                   URIEncoding="UTF-8"

                   keystoreFile="/etc/ssl/certs/java/cacerts"

                   keyAlias="*.domain.com"

  keystorePass="SECRET" keystoreType="JKS"

            proxyName="domain.com" proxyPort="443"           

                       />

    </Service>

</Server>

Like
Nina Limmer
Nina Limmer March 21, 2018

<Server port="8000" shutdown="SHUTDOWN" debug="0">

    <Service name="Tomcat-Standalone">

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"

           maxThreads="48" minSpareThreads="10"

           enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           />

 

        <Engine name="Standalone" defaultHost="localhost" debug="0">

 

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">

                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->

                    <Manager pathname="" />

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

 

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

            </Host>

 

        </Engine>

 

        <!--

            To run Confluence via HTTPS:

             * Uncomment the Connector below

             * Execute:

                 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)

                 $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA  (Unix)

               with a password value of "changeit" for both the certificate and the keystore itself.

             * Restart and visit https://localhost:8443/

 

             For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS

        -->

        <Connector port="8443" maxHttpHeaderSize="8192"

                   maxThreads="150"

  minSpareThreads="25"

                   protocol="org.apache.coyote.http11.Http11NioProtocol"

                   enableLookups="false"

                   disableUploadTimeout="true"

                   acceptCount="100"

  scheme="https"

  secure="true"

                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"

                   URIEncoding="UTF-8"

                   keystoreFile="/etc/ssl/certs/java/cacerts"

                   keyAlias="*.domain.com"

  keystorePass="secret" keystoreType="JKS"

            proxyName="domain.com" proxyPort="443"           

                       />

    </Service>

</Server>

Like
Nina Limmer
Nina Limmer March 21, 2018

Hi James,

        I've attempted to respond inline here, but it's not showing my reply. Is there another way we can communicate so I can post you my configs.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 21, 2018

@Nina Limmer- I just got your recent response out of the spam bucket.  The 'bot is not perfect and can be a bit over-zealous (as well as completely miss other stuff)

Like
Nina Limmer
Nina Limmer March 21, 2018

Thanks Nic,

           I've tested a few things. 

 

I can access

http://confluence.domain.com:8443

 

And it shows NGINX ( as shown in the screenshot attached)

 

However confluence isn't coming up, and confluence is now throwing errors. I believe possibly I have the server.xml misconfigured. 

 

21-Mar-2018 16:19:39.769 INFO [http-nio-8090-exec-7] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header

Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

        at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:235)

        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1045)

        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

        at java.lang.Thread.run(Thread.java:748)

 

21-Mar-2018 16:19:39.769 INFO [http-nio-8090-exec-8] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header

Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

        at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:235)

        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1045)

        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

        at java.lang.Thread.run(Thread.java:748Screen Shot 2018-03-21 at 15.16.24.pngScreen Shot 2018-03-21 at 15.16.58.png

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security