Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket unable to run Log analyzer

RRC Corp Applications
RRC Corp Applications February 18, 2018

Hi,

We have configured proxy access for Bitbucket. This is working for viewing the Atlassian marketplace (viewing plugins).

Unfortunately when trying to run the log analyzer though, it reports that it can not run. Our infrastructure tech has viewed the proxy log and can confirm that the proxy is letting it through.

 

Looking at the logs, I can see

2018-02-19 09:29:32,613 INFO [hercules] c.a.t.stp.hercules.LogScanTask Scan failed:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.atlassian.sisyphus.RemoteXmlPatternSource.reload(RemoteXmlPatternSource.java:77)
at com.atlassian.sisyphus.RemoteXmlPatternSource.<init>(RemoteXmlPatternSource.java:68)
at com.atlassian.troubleshooting.stp.salext.AbstractSupportApplicationInfo.getPatternSourceByURL(AbstractSupportApplicationInfo.java:236)
at com.atlassian.troubleshooting.bitbucket.BitbucketApplicationInfo.getPatternSource(BitbucketApplicationInfo.java:168)
at com.atlassian.troubleshooting.stp.hercules.LogScanTask.call(LogScanTask.java:52)
at com.atlassian.troubleshooting.stp.hercules.LogScanTask.call(LogScanTask.java:23)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.lang.Thread.run(Thread.java:745)

 

Is there any suggestions on how we can get this working?

Answer
Watch
Like Be the first to like this
689 views

2 answers

1 accepted

0 votes
Answer accepted
Craig Castle-Mead
Craig Castle-Mead
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 19, 2018

Hey,

Without more information and a view to your architecture, this is a bit of a guess, however the PKIX pathbuilder error indicates there's an issue with your SSL certificate.

I've seen this error in the past for a few  reasons, but will focus on what feels like is the  more likely issue - the bitbucket service is accessing itself via a self-signed SSL certificate.

This could be cause:

  1. The SSL you're using publically is also self-signed - assuming your instance is publicly accessible, go to https://www.sslshopper.com/ssl-checker.html and you should get all green ticks. If you get a cross on "The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed)." then work with your infrastructure tech to get a proper SSL cert/installed
  2. If the above does return a green tick, then the way bitbucket accesses itself may be different to the way internet traffic is. To check, you can run the following from the command line on the server itself:
    curl -vvI https://bitbucket.mycompany.com
    If this fails due to a bad certificate, you're on a possible path to fix it. If it does fail, start by checking the DNS. If your public traffic goes through a load balancer that handles SSL, but your server routes it's traffic directly to itself (could be due to an entry in /etc/hosts ) then this could be your cause.

Suggest working through the above with your infrastructure team and reply with any output / findings as there might be a hint that helps identify the issue.

 

CCM

View More Comments
RRC Corp Applications
RRC Corp Applications February 19, 2018

Thanks Craig,

I managed to find the issue with the error. We had not trusted the certificate in the Java trust store. I followed the instructions at 

https://confluence.atlassian.com/jira/connecting-to-ssl-services-117455.html and this appears to have stopped the error in the logs.

 

In relation to the log analyzer issue, our technician fixed the issue with some further investigation of the proxy sessions.

thanks

Peter

Like
Reply
1 vote
RRC Corp Applications
RRC Corp Applications February 18, 2018

I should add too, when running the log analyzer, it is displaying this errorLogError.jpg

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events