Confluence could not retrieve public key for real-time collaboration service from Synchrony

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

After setting up a Synchrony node or cluster, you are unable to successfully enable Collaborative editing.

The following appears in the atlassian-confluence.log

INFO ... [plugins.synchrony.config.DefaultSynchronyConfigurationManager] retrievePublicKey [Collab editing plugin] Could not retrieve public key for real-time collaboration service at confluence.example.com/synchrony/jwt-key with exception: null

Diagnosis

Environment

  • Confluence Data Center
  • One or more Synchrony nodes
  • You are using an AWS ELB (Elastic Load Balancer)

Diagnostic Steps

  • You cannot successfully enable Collaborative Editing
  • You see various errors in the UI on the Collaborative Editing settings page: <base-url>/admin/confluence-collaborative-editor-plugin/configure.action
  • You are able to reach this URL in your browser and see the public key from Synchrony: <ELB-Address>/synchrony/jwt-key 
  • You are able to reach this URL in your browser and see an OK from Synchrony: <ELB-Address>/synchrony/heartbeat 
  • You are not successful when running this command from the Confluence node: 

    wget http://ELB-Address/synchrony/jwt-key

Cause

This is caused by blocking TCP port 8091 in the ELB Security group. This prevents Confluence nodes from reaching Synchrony nodes on 8091. 

You may still be able to reach the Synchrony node directly from the Confluence node on port 8091, but communication occurs through the load balancer (see diagram on this page). 

Resolution

Add port 8091 to the Elastic Load Balancer security group so that Confluence and Synchrony can communicate. 

Example rule addition:

(info) You may of course restrict this to only allow communication between those particular nodes or clusters. 


Last modified on Mar 21, 2024

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.