SSL handshake problem with Confluence connection to Jira User Server

I am connecting a test instance of Confluence with a production JIRA server.

I am trying to get the Confluence instance to use JIRA as a user server.

Below is the exception I receive from the connection test.  It is obviously encrypted.  

Connection works fine if I go directly through the tomcat non-ssl port 8080.

Connection fails with error below if I go through Apache port 443.

This is in the apache access log (notice the 403):

10.6.82.38 - - [09/Nov/2015:15:14:33 -0500] "POST /rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1&expand=user HTTP/1.1" 403 2084

Here are some config details worth noting:

  • The production JIRA is configured properly.  
  • SSL certificate is solid.  
  • Tomcat server.xml for JIRA has the scheme, proxyName, and proxyPort configured properly.
  • Application link works properly
  • Both Confluence and JIRA are running the provided Java 1.8.0_60 
  • Confluence 5.8.13
  • JIRA 6.3.10

 

What am I missing?

 

 

2015-11-09 14:56:44,353 ERROR [http-nio-8090-exec-5] [crowd.embedded.admin.ConfigurationController] onSubmit Configuration test failed for user directory: [ JIRA Server],
type: [ CROWD ]
 -- referer: http://10.6.82.38:8090/plugins/servlet/embedded-crowd/configure/jira/ | url: /plugins/servlet/embedded-crowd/configure/jira/ | userName: testuser
com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: ^@^@^@^@^@^@^@?U]o?6^T}??p?? ^X?^Tm???^F???:d
]?`?C ^X???"Y??????8r?^C?P^Y???y???`?^?2Tj^R^?^Q?d0?k^TdP8yg?B ?z???????????g?]?|?~z5^Y=?D-d~??d0?6 ???8 x^S?kXAkM&+p???h? ???? ???!{2XK-???????????G>??^E?Q?A??!G?5xb?L2S
????Uu!??YXgak\8??v^Yv???^B???~H???>?^??x- ?8?c^F!@V2YA???m?x?^@?v???w?D?Uf?;??c?,9?%?OQ???`??[?9????E??c??8????V^FD?P^D?}??k??-?^Bg?^U??5?1^X???>N???M ?sP ?D"?????^E ?^X?
x????^X*^V??L??oz?(??Qg? n^D7^Zi_?e/?+??*?^R W^D?????Hc??"??h^??A?w??U^X??C L?^F?0??P^V??(_?C?^Q?^Q??K?a? ??!C?????n?O?_??M??D?n/???^U??)?Z??^Ru??W???F?!?S?z%^C???^D:?5?D?
#???^W??^D???t?9???^d???$oF?^Zohz?";q???}^NY??6????w??`A?`t??T??^Z??G-J^E?[?x?C??m^S6?*?F}????92g?~;C?8*???s???^F"??9^V?5Q-???'C1;W?^N`g???ku?q>h?.?^D5??+?^B^U?t ?J-?g?jK?
E?&c??]????;?? $????^Y????#??s%%??$?>??^??v???????3?9?C\?O+?PESC?+?c-?:?????2G?/?#2??B??&; 1??U?@^E6 ???)?$a?/! ?O?S???????_:fNESC?x~^D?d??????;??1???w^A6?}?w??1??? ??^Xw?
^Q?^?n?^VH?]I?p??cV??????? ?^Dx??^O??????~g???l?KG???^CInp?.??"?^Z???t??L???^N? ?i3??S]?^G?ed???g^A:^Y????}n??.R?^X?????^?^A??o^W;^Y^@^@
        at com.atlassian.crowd.embedded.core.CrowdDirectoryServiceImpl.testConnection(CrowdDirectoryServiceImpl.java:78)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)

1 answer

1 accepted

I figured it out.  The clue was in the Tomcat access log.  I expected the proxied traffic from Apache to show up in tomcat as coming from localhost.  I did not expect it to be the IPv6 localhost.

Adding "0:0:0:0:0:0:0:1" to the "IP Addresses" section of the Jira User Server configuration on my JIRA server solved the problem.  (I used the long name instead of the short-hand "::1" as that is how it appears in my Tomcat access log.)

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Friday in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

262 views 11 10
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you