Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Crowd: 'Connection to authentication server failed' after switching to https

Today I updated my SSL certificate and everything went fine, until it was time to login on my Crowd and other applications.
I couldn't do it.

I decided to go back to my old expired certificate, but I had the very same problem I was already having with Crowd:
Connection to authentication server failed. Please review the logs for more information.

After doing some research I played with my file (which, until now, it was working perfectly). After switching my crowd.server.url and my login.url to http instead of https, the login at crowd works, while the login in other apps are still not working at all.

I tried to switch back to my old expired SSL certificate, but the result was the same.

I have tried everything almost, with no luck whatsoever.
Please, could somebody help me?

This is my log:

2 answers

Thị trường nhà đất Đà Nẵng năm 2022 diễn ra như thế nào? Đà Nẵng thuộc top 20 thị trường nhà đất dẫn đầu thế giới về bất động sản hàng hiệu, được các chuyên gia bất động sản ví von như một “thiên đường nghỉ dưỡng” với những căn hộ hàng hiệu có mức giá phù hợp cùng tiềm năng phát triển trong tương lai. Các nhà đầu tư khôn ngoan với tầm nhìn sâu rộng trên thị trường, họ sẵn sàng xuống tiền nhanh chóng để sở hữu cho mình những bất động sản hàng hiệu đến từ những chủ đầu tư có tiếng trên thị trường.

0 votes
Marcin Kempa Atlassian Team Feb 04, 2018

Hi @Danel Sánchez,


Your log files looks pretty similar to those mentioned in this community postHowever, It is still unclear to me, why reapplying old certificate did not restore the service.

It might be related to the SNI support enabled by default since Java 7. Please take a look at this KB article and try to apply the suggested solution.


Please let me know if this helped you.


Best Regards,

Marcin Kempa

Thank you for your reply, Marcin.

I took some time to review the issue and followed your recommendation and added this to my JAVA-OPTS:


However, the result remains the same. No matter the kind of certificate I use, I get this on my log:


018-02-20 20:12:10,990 http-bio-MYIP-MYPORT-exec-8 INFO [service.soap.client.SecurityServerClientImpl] Existing application token is null, authenticating ...
2018-02-20 20:12:11,142 http-bio-MYIP-MYPORT-exec-8 ERROR [xfire.transport.http.HttpChannel] peer not authenticated

Sometimes it prompts me to:

2018-02-20 20:12:11,217 http-bio-MYIP-MYPORT-exec-8 ERROR [crowd.console.action.Login] Failed to connect to the authentication server, please check your

I'm entirely lost over here.

Marcin Kempa Atlassian Team Feb 20, 2018

Hi @Danel Sánchez,


In you first post you've mentioned that you updated the certificate. Did you also added this new certificate to Java's key-store as described here?


Best Regards,

Marcin Kempa

Hello @Marcin Kempa,

I did not, and maybe it would have helped, however, I didn't have to: I finally got it solved. Probably nobody will come up with the same mistake as I, but I'll share how I fixed this just in case:

Comparing the two keystores I had (which are the same, but I made a backup just in case) I noticed a subtle difference:

I didn't append my domain validation certificate to the key. Awkwardly, Confluence, JIRA and Bitbucket worked flawlessly without appending it, but Crowd did not.

After appending the domain validation certificate to the key, Crowd worked over HTTPS without any problems, the SSO started to work instantly and everything went back to normal.


Notes for noobies like me:

After the old certificate expired, Crowd stopped working:

  • The access to the webpage worked (after adding the website to exceptions on the browser).
  • The login (more technically speaking, the Crowd Application), and therefore, the login of every application configured with SSO did not work.

The new certificate was not properly configured, which made Crowd to show the very same behavior as before with the expired one:

  • On the first case, because it was expired.
  • On the second case, because it couldn't check it was validated.

The errors, however, were mostly the same.


Hope this helps somebody in the future.

Thank you for your time, Marcin.


Kind regards,

Danel Sánchez

Marcin Kempa Atlassian Team Feb 20, 2018

I am glad that you were able to resolve the issue.

So if I get it right the issue was that your domain validating certificate could not be verified by the JVM running Crowd and adding it to the key store solved the problem?


Best Regards,

Marcin Kempa

After appending the domain validation certificate to the key

Can you describe this process in more detail?

You just pasted the cert and into the same file as the private key?

I don't understand this requirement.

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events