Your configuration, on the face of it, looks correct, assuming that Confluence is installed and Tomcat is properly configured.
On your server, what do you get if you type this:
curl -D /dev/stderr http://localhost:8080/
And how about this:
curl -D /dev/stderr http://localhost:8080/homepage.action
You said:
I configured a apache with ajp.
Please note that at the moment you're not using ajp. You're proxying using http://
; if you were to use ajp, your configuration would look like this:
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
However, this shouldn't substantially affect your problem (for simple operation, accessing tomcat over with http
or ajp
gets you to the same place).
EDIT: The output from curl
that you provided demonstrates that Confluence is responding at the correct URLs. In fact, if I take your Apache configuration and drop it verbatim onto my server, it works just fine.
When you attempt to connect to http://yourserver/, what shows up in the Apache access log? Error log?
tl;dr - Apache is just fine. It really is your firewall.
Correct the firewall issue, and all will be good.
Long Version
The problem:
Your testing with curl verifies that Apache itself is serving the site over HTTPS. That said, your testing with curl was done from the server itself.
When I tested with curl, on both 80 and 443, my results were different from yours. On 80, I got the HTTP 301 as expected. However, when I attempted to access the HTTPS version of your site, I received an ICMP HOST UNREACHEABLE.
In otherwords, your firewall is rejecting the packets that are destined for TCP 443 on your webserver.
The Solution:
Find why the TLS traffic from the outside is being blocked, and then fix it.
Run iptables -L -v -n
to see what rules are actually in place.
You may need to add a rule to explicitly allow the traffic, such as:
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
or remove a rule blocking it, or perhaps even both.
Supporting Evidence
output from curl -v http://eusay.eusa.ed.ac.uk
* Rebuilt URL to: http://eusay.eusa.ed.ac.uk/
* Hostname was NOT found in DNS cache
* Trying 129.215.116.90...
* Connected to eusay.eusa.ed.ac.uk (129.215.116.90) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: eusay.eusa.ed.ac.uk
> Accept: */*
>
301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://eusay.eusa.ed.ac.uk:443">here</a>.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at eusay.eusa.ed.ac.uk Port 80</address>
</body></html>
* Closing connection 0
Output of curl -v https://eusay.eusa.ed.ac.uk
* Rebuilt URL to: https://eusay.eusa.ed.ac.uk/
* Hostname was NOT found in DNS cache
* Trying 129.215.116.90...
* connect to 129.215.116.90 port 443 failed: No route to host
* Failed to connect to eusay.eusa.ed.ac.uk port 443: No route to host
* Closing connection 0
curl: (7) Failed to connect to eusay.eusa.ed.ac.uk port 443: No route to host
Best Answer
From: http://www.clearchain.com/blog/posts/solving-the-apache-ssl-error-oops-no-rsa-or-dsa-server-certificate-found-for-www-somedomain-com0
Summary: This error may also occur if you forget the following line in your
VirtualHost
section: