I have a setup where both Jira and Confluence are running externally through Apache proxy. Confluence authenticates users through Jira using Crowd integration.
The problem started when I tried to enforce SSL on our Jira instance. I set up HTTP to HTTPS redirection, but after that change, users can’t log into Confluence anymore. I had to turn off the redirect temporarily to fix the login issue.
Looking at the Confluence admin panel under user directories, I can see that the crowd server URL still shows http://our-jira-domain instead of the HTTPS version. This seems to be causing the authentication failure.
I’ve checked everywhere I can think of but can’t find where to modify this setting. There’s no option in the Confluence administration interface to change it, and I don’t see any crowd configuration files in the directories I have access to.
What’s the correct way to update the Crowd server URL configuration in Confluence to use HTTPS instead of HTTP for connecting to Jira?
To update the Crowd server URL in Confluence for HTTPS connections, you need to modify the URL stored in the Confluence database. You have two main approaches: first, you can connect to your Confluence database and locate the cwd_directory table where your Crowd configuration resides. Update the directory_name or attribute_value columns to replace ‘http’ with ‘https’. Ensure you back up your database before making changes. Alternatively, you can use Confluence’s REST API at /rest/usermanagement/1/config/crowd to update the URL, which is a safer method. After making any changes, restart Confluence to apply them. I have encountered and resolved similar issues with SSL in proxies before, and this method worked effectively.
Had this exact problem six months ago during our HTTPS migration. Confluence caches the crowd server config and won’t auto-update when you switch protocols. Here’s what fixed it for me: go to the Confluence admin console, hit User Directories, and delete the existing Crowd directory entry completely. Then recreate it from scratch using the correct HTTPS URL. This forces a fresh connection with proper SSL handshake. Just make sure your SSL certs are configured right on both sides first - otherwise you’ll get cert validation errors. Takes about five minutes, users might need to log out/in once, but it’s way cleaner than messing with the database.
check your confluence home directory for the crowd.properties file - that’s where the server URL is actually stored. edit it directly and change http to https, then restart confluence. worked for me when the admin panel wouldn’t let me modify it.