Hi,
I am trying to setup Confluence behind load balancer in AWS and Okta. When I am trying to login via Okta, I am unable to do so. To be more specific, I am being stuck on refirect page from Okta to Confluence (image is attached). When I looked at logs in /var/atlassian/application-data/confluence/logs/atlassian-confluence.log
2017-07-24 02:44:12,709 WARN [http-nio-8090-exec-2] [internal.integration.jira.DefaultJiraService] communicateWithJira Problem communicating with JIRA: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-- referer: https://wiki-stage.mydomain.com/ | url: /rest/highlighting/1.0/panel-items | traceId: f2da7474efe3185d | userName: user.name
We are running Active Directory and I imported its certificate into keystore. The only missing piece I could think of is try to point confluence to correct keystore in setenv.sh ( -Djavax.net.ssl.trustStore=<path_to_keystore> ).Did anyone have similar problems configuring Confluence with Okta?
Any help is appreciated.
where you able to resolve this? experiencing the same issue.
Your cert needs to be imported to the java used by your application:
JAVA_HOME/jre/lib/security/cacaerts
-Lars
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have configured CATALINA_OPTS="-Djavax.net.ssl.trustStore=/opt/atlassian/confluence/jre/lib/security/cacerts" argument in setenv.sh
What I am surpsised about is seeing an error related to Jira while I am configuring Confluence.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you are using self signed ssl certificates on both JIRA, and Confluence with application links, then you`ll need to import certificates to both applications.
-Lars
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Not sure what SSL problems has to do with Okta integration?
-Lars
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.