Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Fisheye Crucible ssl bind

Shiva-NCR
Shiva-NCR October 31, 2018

hi, after updating config.xml for SSL bind .. the services come up .. but I am unable to establish connection on SSL port ... plain text is okay ..

 

you can see details below: 1) openssl connect attempt, it's to localhost:8443 where SSL bind is configured, 2) confirmation :8443 is listening 3) ps -ef output of fisheye process and 4) config.xml snippet:

1) ===================

ubuntu@ip-10-2-1-33:~$ openssl s_client -connect localhost:8443

CONNECTED(00000003)

139719883773592:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 7 bytes and written 305 bytes

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

    Protocol  : TLSv1.2

    Cipher    : 0000

    Session-ID:

    Session-ID-ctx:

    Master-Key:

    Key-Arg   : None

    PSK identity: None

    PSK identity hint: None

    SRP username: None

    Start Time: 1540998481

    Timeout   : 300 (sec)

    Verify return code: 0 (ok)

---

 

2) ===================

ubuntu@ip-10-2-1-33:~$ sudo lsof -i:8443

COMMAND  PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME

java    3658 crucible  528u  IPv6 185685      0t0  TCP *:8443 (LISTEN)

3) ===================

ubuntu@ip-10-2-1-33:~$ ps -efl | grep 3658

0 S crucible  3658     1  0  80   0 - 822756 -     02:26 ?        00:06:03 /usr/bin/java -Dhttps.protocols=TLSv1.2 -Xmx1024m -Dfisheye.library.path= -Dfisheye.inst=/opt/fecru-4.4.1 -Djava.awt.headless=true -Djava.endorsed.dirs=/opt/fecru-4.4.1/lib/endorsed -jar /opt/fecru-4.4.1/fisheyeboot.jar start

0 S ubuntu    5554  5532  0  80   0 -  3236 pipe_w 15:08 pts/0    00:00:00 grep --color=auto 3658

ubuntu@ip-10-2-1-33:~$ cd /opt/fecru-4.4.1/

4) ===================

<web-server>

        <http bind=":8060"/>

        <ssl bind=":8443" keystore="/opt/fecru-4.4.1/keystore/devcrucible01.kst" keystore-password="************" truststore="/usr/share/java/jdk1.8.0_131/jre/lib/security/cacerts" truststore-password="************"><excludeProtocols><protocol>SSLv3</protocol></excludeProtocols>

<includeProtocols>

                <protocol>TLSv1.2</protocol>

                <protocol>TLSv1.1</protocol>

            </includeProtocols>

</ssl>

    </web-server>

Answer
Watch
Like Be the first to like this
976 views

0 answers

Suggest an answer

Log in or Sign up to answer
Fisheye
Fisheye/Crucible
TAGS
AUG Leaders

Atlassian Community Events

    See all events