Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Mail not working since upgrading from JIRA 5.0.7 to 5.1.1 (SSL Related)

Brian Albano
Brian Albano August 7, 2012

Hi all,

Am trying to see why mail is not working after upgrading from JIRA 5.0.7 to 5.1.1.

I see the following error message in catalina.out:

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuild

erException: unable to find valid certification path to requested target

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)

at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:548)

at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:352)

at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:233)

at com.sun.mail.pop3.Protocol.<init>(Protocol.java:111)

at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:261)

at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:206)

... 9 more

I am already aware that this is SSL related and that my keystore was possibly overwritten during the JIRA Upgrade.

I tried to reimport the public key ssl cert for my mail server but i see the following error:

# keytool -import -alias my_mailserver -file /usr/local/jira_home/mailserver.cert -keystore "/usr/local/jira/jre/lib/security/cacerts"

keytool error: java.security.cert.CertificateParsingException: java.io.IOException: subject key, Unknown key spec: Invalid RSA modulus size.

# openssl x509 -in /usr/local/jira_home/mailserver.cert -noout -text | egrep -i 'CN|RSA'

Signature Algorithm: sha1WithRSAEncryption

Issuer: C=US, ST=California, L=Los Angeles, O=My Company, OU=My Company Division, CN=Root CA/emailAddress=certificate-services@my_company.com

Subject: C=US, ST=CA, L=Los Angeles, O=My Company, OU=My Company Division, CN=my_mailserver

Public Key Algorithm: rsaEncryption

RSA Public Key: (2048 bit)

Signature Algorithm: sha1WithRSAEncryption


Any reason why this is happening?
Pls. let me know.
Thanks.
Brian
Answer
Watch
Like Be the first to like this
837 views

1 answer

1 accepted

0 votes
Answer accepted
Brian Albano
Brian Albano August 7, 2012

I figured it out... had to specify the entire path to keytool :D

Thanks.

Brian

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events