Active Directory/LDAP connection fails after upgrade from 7.8.1 to 7.21.10

warecm43 February 24, 2023

I'm hoping to find a solution to the issue of my Active Directory/LDAP (using Microsoft Active Directory) connection not working after upgrading to the latest LTS version 7.21.10.

The host machine is running Linux.

This is on my test server.  Making sure I find the pitfalls before applying to my production server.  Test and production servers are configured the same (except for hostnames and certificates).

I verified that the bitbucket.properties file did not change from pre-upgrade to post-upgrade.  Are there any other files I should check for that could affect this connection?

Everything was operational prior to the upgrade (running 7.8.1).

I am able to login with my local admin account for Bitbucket and make changes if necessary.  I've compared the User Directories information between my test and production servers, and found no differences.

This is the error when testing the connection:  

Test basic connection : Failed
ActiveDirectory-ADDRESS:636; nested exception is javax.naming.CommunicationException: ActiveDirectory-ADDRESS:636 [Root exception is javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]

I can't figure out where it's looking for a certification path from, since no config files have changed, as far as I can tell, unless there's one somewhere I don't know about.

I haven't yet tried to roll back to the previous version.  Hoping to figure this out before having to roll back.

If there is any other information that is required that I haven't provided, please let me know and I'll do my best to provide it.

Any assistance is appreciated.

 

Thanks,

Chris

1 answer

1 accepted

0 votes
Answer accepted
warecm43 February 27, 2023

I found the issue.  While Nicolas Grossi's answer was not the solution it did provide a starting point for the answer.

With the newer version, the way the JRE_HOME/JAVA_HOME was set was changed from the previous version of 7.8.1, thus it pointed to the bundled installation of Java instead of the version that I installed and used.

Once I made the change to set-jre-home.sh to point to the location of the installed Java, the application was able to connect to my AD/LDAP server using the existing settings.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events