We have a funny issue with out SSL certs and confluence install. We are seeing the following error message when we are trying to sync via LDAP.
Caused by: javax.naming.CommunicationException: ldaps.****:636 [Root exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure]
The thing is that all our instances broke at the same time. I can confirm we have around 50 other services using the LDAP service fine. (this is provided by out F5 LTM to a domain controller pool)
I can confirm the following
Any ideas would be awesome if you have seen this before.
I suggest you download the SSL cert of the ldaps and import that into the keystore of confluence, if not there already.
echo "" | openssl s_client -connect yourLDAPShostname:636 -prexit 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p' > ldaps.pem
#Convert from pem to der:
openssl x509 -outform der -in ldaps.pem -out ldaps.der
/PATHTOJDKKEYTOOL/keytool -import -alias ldaps -file ldaps.der -keystore /lib/security/cacerts
These commands are all linux-formated as you can see, feel free to Windows-ify them
Can you confirm if your Confluence Certificate is loaded on your LDAP and the LDAP certificate is loaded on Confluence? Check the Jonas’ comment.
Also, can you confirm what JAVA are you using? Keep in mind that JDK and JRE have store certificates in different directories.
Lastly, the name of the instances (Confluence and LDAP Server are matching with the certificates?
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG