I am running these Atlassian products on a virtual machine:
Today, my certificate expired. So, I replaced it with a new one. Unfortunately, I had also to replace the (self-created) CA.
Now for the strange thing: Only Jira accepts the new certificate. I can log-in on Jira without problems. (The only thing not working is including the other products' news feed in the dashboard - but that's explainable I guess.)
For Bamboo, Bitbucket, and Confluence I get upon login
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
All four products use in their server.xml the very same keystore file on that VM.
I have no idea why Jira is happy with the new certificate why the other products are not. I'd appreciate any hint.
Additional hint: Firefox is happy with the new certificate as well - after I have installed the new CA (which is not possible in Chrome anymore).
Hi Christian,
Putting the certificate into the keystore is not enough - the problem is that the other applications are trying to talk to Jira, but that presents an untrusted certificate. So you'll need to add the new certificate to the truststore (the cacerts file) as well.
Cheers,
Christian
Premier Support Engineer
Atlassian
Hi Christian,
thanks for that hint.
The challenge was: Finding out which cacerts file. The are so many and it was very unclear which Atlassian application uses which cacerts file. In the end, I just searched for all cacerts files on the file system and added the new CA to everyone.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.