Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

Server Certificate changed now getting trusted url error

KP11
KP11 Jun 18, 2013

Our MIS group changed the server SSL certificate onn production and we are now getting URL error in Trusted Connection with his URL: http://wiki.candle.com/plugins/servlet/applinks/auth/conf/config-tabs?direction=INBOUND&applicationId=87822465-4750-34f0-9b98-4a845136e7e6
Where does Wiki/Conflunce get the application ID in the URL. is it the certificate id in cache? If so how doe we clear it besides the browser?
We rebuilt the trusted connection in application links but still get system error. This was advised by support in another record.

Clearing browser ssl cache did not change the application id. What else needs to replace the application ID

Answer
Watch
Like Be the first to like this

4 answers

1 accepted

0 votes
Answer accepted
C_ Faysal
C_ Faysal Jun 20, 2013

agree with alex:

KP11 first off all you need to find out wich JRE your applications (confleunce, jira) are using.

by default boths bring their own JRE (i.e. sth like /opt/atlassian/jira/jre & /opt/atlassian/confluence/jre)

just simply run a "ps axf|egrep '(jira|confluence)'"

which will show you the complete cmd line how the apps are started including JAVA paths.

next you will need to import the new certificate i.e. like this:

keytool -import -alias <you name it> -file <path to certfile> -keystore /opt/atlassian/jira/jre/lib/security/cacerts

do the same for confluence and restart boths apps for changes to take effect.

i believe this should be it

HINT: i run 3 atlassian apps on one host so i configured all of them to use a centralized (own installation) JAVA version. so only one keystore needs to be updated incase of any certificate change

Reply
0 votes
PeterKoczan
PeterKoczan Atlassian Team Jun 18, 2013

Hi,

Not sure if it will help in this case, but you could give it a try to re-initalize the keystore using the JSP mentioned in the following article: https://confluence.atlassian.com/display/CONFKB/Unable+to+Add+Confluence+as+A+Trusted+Application

Kind regards,

Peter

View More Comments
KP11
KP11 Jun 18, 2013

The doc is for version 3.x we are on 4.3.3

Like
Reply
0 votes
Alex Perez
Alex Perez Jun 18, 2013

Can you check if you "client" app have the new server certificate imported into it's cacerts keystore?

View More Comments
KP11
KP11 Jun 19, 2013

There are no certs in the Confluence or Java directories. CACERTS is in Java

Like
Reply
0 votes
Alex Perez
Alex Perez Jun 20, 2013

KP11:

cacerts, as far as I know, is a keytore that Java uses to store trusted certs (like the CA). One common solution is importing the SSL certificate that is using your server into the cacerts in the JDK used by confluence. This way, you are telling confluence that this certificate is 100% trusted.

Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Account
TAGS
Community showcase
Nehal Jain
Nehal Jain
Asked in Atlassian Account

Upcoming AMA with the Atlassian Identity Product Managers!

"Atlassian Account" is a space where you can raise questions about your Atlassian Account and your identity across all of our Atlassian Cloud Products. This involves understanding User Managemen...

405 views 7 16
View question

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you