Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Nginx + Confluence + Jira Issue

Nina Limmer March 9, 2018

I can not get Confluence and Jira to be served through NGINX. I would appreciate any help on this matter. I have followed several documents now, including atlassians, and configured confluence and NGINX accordingly, however when I change the context path in the confluence configuration as per the documentation, confluence no longer servers/comes up. 

 

 <Context path="/confluence"

results in a 404.

and with the config reverted, nothing forwards through NGINX. I've included the NGINX config below.

# HTTPS server
#
server {
listen 443;
server_name localhost;

ssl on;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/server.pem;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
root /usr/local/www/nginx;
index index.html index.htm;

}

location /jira {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://<ip-of-jira-server>:8443/jira;
proxy_redirect off;
}

location /confluence {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8443/confluence;
proxy_redirect off;
}

 

 

}

 

 

 

 

 

1 answer

0 votes
James Richards
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 12, 2018

Hello Nina,

 

Hmm, is Confluence running on port 8443 on localhost? If you have SSL terminating at nginx, do you need SSL between nginx and Confluence?

What does server.xml have in it - can you post it here?

Can you connect to Confluence directly via URL like

  • http://IPADDRESS:8090/confluence
  • https://IPADDRESS:8443/confluence

Regards, James

Nina Limmer March 21, 2018

<Server port="8000" shutdown="SHUTDOWN" debug="0">

    <Service name="Tomcat-Standalone">

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"

           maxThreads="48" minSpareThreads="10"

           enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           />

 

        <Engine name="Standalone" defaultHost="localhost" debug="0">

 

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">

                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->

                    <Manager pathname="" />

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

 

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

            </Host>

 

        </Engine>

 

        <!--

            To run Confluence via HTTPS:

             * Uncomment the Connector below

             * Execute:

                 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)

                 $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA  (Unix)

               with a password value of "changeit" for both the certificate and the keystore itself.

             * Restart and visit https://localhost:8443/

 

             For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS

        -->

        <Connector port="8443" maxHttpHeaderSize="8192"

                   maxThreads="150"

  minSpareThreads="25"

                   protocol="org.apache.coyote.http11.Http11NioProtocol"

                   enableLookups="false"

                   disableUploadTimeout="true"

                   acceptCount="100"

  scheme="https"

  secure="true"

                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"

                   URIEncoding="UTF-8"

                   keystoreFile="/etc/ssl/certs/java/cacerts"

                   keyAlias="*.domain.com"

  keystorePass="SECRET" keystoreType="JKS"

            proxyName="domain.com" proxyPort="443"           

                       />

    </Service>

</Server>

Nina Limmer March 21, 2018

<Server port="8000" shutdown="SHUTDOWN" debug="0">

    <Service name="Tomcat-Standalone">

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"

           maxThreads="48" minSpareThreads="10"

           enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           />

 

        <Engine name="Standalone" defaultHost="localhost" debug="0">

 

            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">

                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">

                    <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->

                    <Manager pathname="" />

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

 

                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">

                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />

                </Context>

            </Host>

 

        </Engine>

 

        <!--

            To run Confluence via HTTPS:

             * Uncomment the Connector below

             * Execute:

                 %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)

                 $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA  (Unix)

               with a password value of "changeit" for both the certificate and the keystore itself.

             * Restart and visit https://localhost:8443/

 

             For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS

        -->

        <Connector port="8443" maxHttpHeaderSize="8192"

                   maxThreads="150"

  minSpareThreads="25"

                   protocol="org.apache.coyote.http11.Http11NioProtocol"

                   enableLookups="false"

                   disableUploadTimeout="true"

                   acceptCount="100"

  scheme="https"

  secure="true"

                   clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"

                   URIEncoding="UTF-8"

                   keystoreFile="/etc/ssl/certs/java/cacerts"

                   keyAlias="*.domain.com"

  keystorePass="secret" keystoreType="JKS"

            proxyName="domain.com" proxyPort="443"           

                       />

    </Service>

</Server>

Nina Limmer March 21, 2018

Hi James,

        I've attempted to respond inline here, but it's not showing my reply. Is there another way we can communicate so I can post you my configs.

Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 21, 2018

@Nina Limmer- I just got your recent response out of the spam bucket.  The 'bot is not perfect and can be a bit over-zealous (as well as completely miss other stuff)

Nina Limmer March 21, 2018

Thanks Nic,

           I've tested a few things. 

 

I can access

http://confluence.domain.com:8443

 

And it shows NGINX ( as shown in the screenshot attached)

 

However confluence isn't coming up, and confluence is now throwing errors. I believe possibly I have the server.xml misconfigured. 

 

21-Mar-2018 16:19:39.769 INFO [http-nio-8090-exec-7] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header

Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

        at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:235)

        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1045)

        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

        at java.lang.Thread.run(Thread.java:748)

 

21-Mar-2018 16:19:39.769 INFO [http-nio-8090-exec-8] org.apache.coyote.http11.AbstractHttp11Processor.process Error parsing HTTP request header

Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

        at org.apache.coyote.http11.AbstractNioInputBuffer.parseRequestLine(AbstractNioInputBuffer.java:235)

        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1045)

        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

        at java.lang.Thread.run(Thread.java:748Screen Shot 2018-03-21 at 15.16.24.pngScreen Shot 2018-03-21 at 15.16.58.png

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events