Balsamiq Community Discussion

Balsamiq and confluence together behind apache reverse proxy on same host

Hi Guys,
we have balsamiq app activated in confluence. Hoewver the RTC service won’t start. It is always in state down.
Search around the web told us, that it is because we run confluence behind an apache reverse proxy.
We followed the advice under https://balsamiq.com/wireframes/confluence/docs/server/rtcconfigs/#http-ssl-proxy-on-same-server and set up our apache config accordingly.

On restart apache failed because it can not listen to a port which is already in use by balsamiq!

Here is our config so far:

confluence section

<VirtualHost *:443>
    TimeOut 1000
    ServerName ourServerName
    DirectoryIndex index.html

    SSLEngine on
    #Certificates
    SSLCertificateFile      File.crt
    SSLCertificateChainFile FileCA.pem
    SSLCertificateKeyFile   File.key
    SSLCACertificateFile    FileR1_CA.pem

    SSLProxyEngine on
    RewriteEngine on
    ProxyRequests off
    ProxyPreserveHost on

    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"

    LogLevel info ssl:debug
    ErrorLog ${APACHE_LOG_DIR}/ssl-error.log
    CustomLog ${APACHE_LOG_DIR}/ssl-access.log combined

     <Proxy *>
        Require all granted
    </Proxy>

    ProxyPass /synchrony http://localhost:8091/synchrony
    <Location /synchrony>
        Require all granted
        RewriteEngine on
        RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
        RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
        RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]
    </Location>
    ProxyPass / http://localhost:8090/
    ProxyPassReverse / http://localhost:8090/

    <Directory "/var/www/ourServerName">
            Options +FollowSymLinks +SymLinksIfOwnerMatch
            AllowOverride All
            Require all granted
    </Directory>

    #additional ssl
    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    SSLCompression off

</VirtualHost>

###end of confluence section

balsamiq rtc section

Listen ourServerName:9083
<VirtualHost *:9083>
SSLEngine on
#Certificates
SSLCertificateFile File.crt
SSLCertificateChainFile FileCA.pem
SSLCertificateKeyFile File.key
SSLCACertificateFile FileR1_CA.pem

ProxyRequests off
ProxyPreserveHost On
RewriteEngine on

<Proxy *>
    Require all granted
</Proxy>

ProxyPass / http://localhost:9083/
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://localhost:9083%{REQUEST_URI} [P]
###end of balsamiq rtc section

Our confluence server.xml connector setting:

Can someone help us to get this RTC working if it is behind a reverse proxy?
Thanks in advance.

Tuxedo

Hi @tuxedo,

Welcome to the Balsamiq Forums and thanks for the post. I’m going to need to loop in a little help on this issue - as you can imagine, this type of issue can get quite technical. Please bear with me while I do that and we’ll be back in touch asap, ok?

For now, all the best.

Hi friend, the trick is to use address=“127.0.0.1” inside main connector on server.xml confluence config file, so that tomcat listens only on loopback address

Hi Stefano,

thanks for advice. I will try it out today and come back with result.

Greetings,
Tuxedo

Hi Guys,

advice of Stefano worked.
Now we are able to start balsamiq rtc.

Many thanks and greetings,
Tuxedo

1 Like