Crowd 2.12 with https and self-signed certificate?



is it possible to set-up Crowd Server 2.12 with https and a self-signed certificate?


I'm trying to set-up my Atassian Apps (Jira, Confluence, Crucible, Bitbucket, Crowd) to https. For Testing I do this on a Ubuntu Server Test Instance VM.

So far I can access Crowd over https but when I try to login I get following message:

"Connection to authentication server failed. Please review the logs for more information."


The error message in catalina.out are:

" PKIX path building failed: unable to find valid certification path to requested target"

" INFO [com.amazonaws.http.AmazonHttpClient] Unable to execute HTTP request: PKIX path building failed: unable to find valid certification path to requested target"

 "Failed to connect to the authentication server, please check your Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message."

"http-nio-8096-exec-17 ERROR [xfire.transport.http.HttpChannel] No name matching localhost found"


I noticed something like that also in the Application Links of Jira & Confluence.

For the production server I will get a Certificate signed by our IT or I get one from another CA. But for testing I want to use a self-signed Cert.


Is that possible?


Thanks and kind regards



1 answer

1 vote
Marcin Kempa Atlassian Team Jan 10, 2018

Hi @Andreas Zeiler,


It is possible to add your's self signed certificates to Java trust store. In order to do so, please follow the documentation mentioned here.

However I think it might be easier for you, for testing purpose, to try out the solution. 

Here you can see which Java versions and browsers supports those certificates


Please make sure that you use proper certificates in your production environment.


Hope that helps,

Marcin Kempa

Hi Mercin Kempa,

thanks for reply.

As the server is only visible in our factory network, letsencrypt would have problems verifiying the server. Until now I don't know another way to sign my csr -file with letsencrypt.

I will try to add my self-signed certificate to java keystore.


Kind regards


Since the IdenTrust "DST Root CA X3" certificate provided by letsencrypt was added to certain versions of Java ( and this certificate is used to cross sign the automatically generated, I guess it could still work without the internet access. But frankly I did not test it, it is just another approach you might give a try.



While the above would work once the certificate is in place, the problem would be to generate one, as letsencrypt need to know that you are the one owning the domain.


Best Regards,

Marcin Kempa

Marcin Kempa Atlassian Team Jan 24, 2018

Hi @Andreas Zeiler

Did you manage to setup crowd https with those self signed certificates?


Best Regards,

Marcin Kempa

Hello Marcin,

finally I got it to work.

I hade some Problems with my Certificate. Since I use a virtual machine, I always added the IP of the VM to the Certificate. But in our Netzwork the IP changed and Crowd hat some problems with that.

I also didn't configure the Remote Addresses for the Crowd Application in the Application Settings.

I made a complete new self-signed Cert with the hostname of my VM. An I also accessed the Applications over that. Than I also added the signed certificate (*.cer) to the keystore of the used JavaVM (in my case every Atlassian App uses either its own Java or OpenJDK or Oracle Java which I've installed on the server, I had to look in the System Information of every App). This also helped me with the Problem that the Application Links between the Atlassian Apps didn't work.


By the way: it would be nice if you could update your "Crowd https setup" articles. For example I needed to add some lines to a "web.xml" but this was not mentioned in the help site.


Kind regards


Suggest an answer

Log in or Sign up to answer
Community showcase
Published Wednesday in Opsgenie

Getting the Most out of Atlassian and Opsgenie Together

We’re excited to invite you to this action-packed webinar where we will demonstrate how to integrate Opsgenie’s powerful alerting and on-call management tools with your entire Atlassian stack. Mar...

78 views 0 1
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you