Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Confluence: I can not add type: Microsoft Active Directory gives an error Edited

The integrations doesn't work.  Any ideas what this means, or how I can resolve this?

Error follows:

Connection test failed. Response from the server:
hostname.local:636; nested exception is javax.naming.CommunicationException: hostname.local:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching hostname.local found.]

Made the following steps does not help:

1. Edit the hosts file add DC IP address  and hostname

2. Disable Secure SSL by editing the LDAP directory and unchecking that box from Advanced Settings.

3. Add JVM startup parameter-Djdk.tls.trustNameService=true

 

1 answer

0 votes

Hello Dmitry,

Welcome to Atlassian Community! It's nice to have you.

Thank you for confirming which steps you have already tried. There are a few more suggestions from the article java.security.cert.CertificateException: No subject alternative DNS name matching <hostname> found:

  1. Fix the certificate to contain the correct name.
  2. Disable "Follow Referrals" in the User Directory configuration, if cross-domain memberships are not used.
  3. If you are using JDK 1.8.0_51 or later (bundled in Confluence 5.8.8 and later), the JDK no longer performs reverse name lookup for IP addresses by default, as per this java doc. You can re-enable reverse lookup by adding '-Djdk.tls.trustNameService=true' to your system parameters.

    If an application does need to perform reverse name lookup for raw IP addresses in SSL/TLS connections, and encounter endpoint identification compatibility issue, System property "jdk.tls.trustNameService" can be used to switch on reverse name lookup. Note that if the name service is not trustworthy, enabling reverse name lookup may be susceptible to MITM attacks.

Let me know if you have any trouble or if this is not successful.

Regards,

Shannon

Dear Shannon,
Yes, I already tryed solution from the article but problem stayed. it not resolved.

Dmitry,

Thank you for confirming that you were able to try the additional steps. 

Is that hostname.local the right hostname, or did you mask it for the post? If it is hostname.local, I would recommend that you change that and generate a new certificate.

If that doesn't help, have a look at the following article for additional troubleshooting steps, including adding the system property:

Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true

Let me know how that goes!

Regards,

Shannon

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

408 views 23 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you