Edit Attachment feature does not work when using self-signed certificate

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

This documentation only applies to Confluence version 6.11 onward, which comes with the Confluence Companion App to edit all types of attachments.

Problem

Editing an attached file in a Confluence page (via Atlassian Companion App ) resulting in the Companion App to be unresponsive, as shown in the attached screenshot below:

Diagnosis

Environment

  • You're using Confluence version 6.11 and above. 

  • Confluence is running over SSL/HTTPS using a self-signed certificate. 

Diagnostic Steps

  1. Please try to edit an attached file in a Confluence page while generating a HAR file from your browser. 

  2. Once you've done that, please open the generated HAR file and try to look for similar request URL as follows:

    <ConfluenceBaseURL>/rest/previews/templinksresource/attachmenturl?attachmentId=<attachmentID>&pageId=<pageID>
  3. Next, please try to locate the signedDownloadPath entry of this request URL's response content. 

    Sample response content for the above request URL:
    {
    "text": "{\"attachmentId\":46367300,\"downloadPath\":\"/download/attachments/46367304/Meeting_Notes_v1.2_20190108.xlsx?version=1&modificationDate=1546944188880&api=v2&download=true\",\"uploadPath\":\"/rest/api/content/46367304/child/attachment/46367300/data\",\"signedDownloadPath\":\"/download/attachments/46367304/Meeting_Notes_v1.2_20190108.xlsx?version=1&modificationDate=1546944188880&api=v2&download=true&jwt=eyJzdWIiOiJqd3Quc3ViamVjdC5jb25mbHVlbmNlLXByZXZpZXdzLnRlbXBsaW5rc3Jlc291cmNlIiwicXNoIjoiMjRhYmZlOGE2MmNiZTM2ZjdiY2YxNmY3NTc5OGI4NDExOTg5NzJlYmMxNDhkMTdhMzBjODdiNDQ4YTAxOThjOCIsImlzcyI6ImNvbS5hdGxhc3NpYW4uY29uZmx1ZW5jZS5wbHVnaW5zLnByZXZpZXdzIiwiZXhwIjoxNTQ3MDExMTQ5LCJpYXQiOjE1NDcwMTEwODksInVzZXJLZXkiOiIyYzlkNjNlMzYzMjRlNjUyMDE2MzhmZGVmMzU3MDAxMyJ9.P7Vs5E6lPg5gmbbQzhNlrYYPWL2HG4J86xv52jV-VQg\",\"signedUploadPath\":\"/rest/api/content/46367304/child/attachment/46367300/data?jwt=eyJzdWIiOiJqd3Quc3ViamVjdC5jb25mbHVlbmNlLXByZXZpZXdzLnRlbXBsaW5rc3Jlc291cmNlIiwicXNoIjoiZmU5NDQ2NmViNDk2Y2M2MmMxMGU3YTM5OGM2YjQyMzdkMDVjMjBmMjVmNDA5ZjJkMjAyZmI3ZGY2NjMzOTg5YiIsImlzcyI6ImNvbS5hdGxhc3NpYW4uY29uZmx1ZW5jZS5wbHVnaW5zLnByZXZpZXdzIiwiZXhwIjoxNTQ3MDExMTQ5LCJpYXQiOjE1NDcwMTEwODksInVzZXJLZXkiOiIyYzlkNjNlMzYzMjRlNjUyMDE2MzhmZGVmMzU3MDAxMyJ9.gAYZ3hxzae85RX_Mv9d6osw2dV-BCHEmAb9zNladWaQ\"}"
    }
  4. If we're able to find the signedDownloadPath entry in the response, we could then confirm that Confluence was able to generate the correct information to be sent over to the Companion App , when the Edit with <ApplicationName> button is clicked. 
  5. Another thing that we also need to take note of here is that the Companion App  will be using the signedDownloadPath (it includes the jwt token which will only be valid for 30 seconds) in the details above to download the attachment to the designated folders below:

    Windows
    C:\Users\username\.atlassian-companion\<hash>\<fileName>

    (info) The user may need to "Show hidden files and folders" to view this folder

    Mac
    ~/.atlassian-companion/<hash>/<fileName>
  6. Should Companion App able to download the files successfully, it will then open it with the application that is determined earlier. Otherwise, the files downloaded to the path above would be of zero bytes. 

Cause

When Confluence is running over SSL (with self-signed certificate), the Companion App feature will not work out of the box. This is because Atlassian Companion App is built with ElectronJS, which does not trust the self-signed certificate by default. As such, Companion App then won't be able to download the edited file successfully. 

Workaround

As such to workaround this, we'd then need to manually add the certificate to the local machine's certificate manager tool, so that our self-signed certificate would be trusted.

To do this, we believe you may follow the steps outlined in the following articles:


DescriptionCompanion App unresponsive
ProductConfluence
Last modified on Jan 15, 2019

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.