Hi,
As per following document https://confluence.atlassian.com/fisheye/fisheye-ssl-configuration-298976938.html we configured fisheye SSL but unfortunately I am not able to access through secure port (I am able to access non secure port: http://<host name>:8060/crucible)
Below are my environment details:
Version: fisheye/4.5.2
Java Version : 1.8.0_162
Java Vendor : Oracle Corporation
I am able to see the below in log:
Webserver Setup
--------------------------
Site Url : https://<host name>:9443/crucible
Web Context :crucible
Http Bind ::8060
Https Bind ::9443
Https Context :crucible
Please suggest.
Thanks.
Hello Vishnu!
What happens when you try to access Fisheye through HTTPS in the browser? Can you let us know what error is displayed in the browser?
Screenshots are welcome.
In addition, you can also check for errors in Fisheye logs after starting Fisheye to have a better idea of the error being thrown in the logs. The log files are located in <FISHEYE_INST>/var/log/atlassian-fisheye-yyyy-mm-dd.
Regards,
Rodrigo
thanks for your response and below are the details,
I have enabled DEBUG mode but I don't see any thing in logs when I tried HTTPS through web browser.
Below is the exception I am getting in Chrome.
server.com uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCHHIDE DETAILSUnsupported protocolThe client and server don't support a common SSL protocol version or cipher suite.
I tried to few Ciphers but didn't succeed. Please suggest.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Vishnu
I believe the error, from searching online, is as it states, there is a mismatch in the cipher suite being provided and what is supported by the protocol provided and your JVM. You can use the two resources below to investigate:
Despite that, I just want to clarify that the example provided on the page is just to show how you can specify adding and excluding protocols and cipher suites. The values you actually provide will be based on what your certificate, java version, and or your security team require. It is not necessarily needed to complete SSL setup. Once you’ve followed the steps on our FishEye SSL Configuration page you should be able to access your site via HTTPS at the port you’ve defined.
Regards,
Rodrigo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Create the JKS file from the PKCS#12 file generated above – use the same password for the both deststorepass
and destkeypass:
keytool -importkeystore
-deststorepass <MY_DESTINATIONSTORE_PASSWORD> -destkeypass <MY_DESTINATIONKEY_PASSWORD>
-destkeystore <keystore file name> -srckeystore <p12 output file>
-srcstoretype PKCS12 -srcstorepass <MY_PKC12_KEYSTORE_PASSWORD>
Using JKS format directly fixed the issue, I didn't convert the format to PKC12 like above.
Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
shiva-G3QK:crucible shiva$ keytool -list
Enter keystore password:
Keystore type: PKCS12
Keystore provider: SUN
do you mean to say the Keystore type should be JKS here? Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I changed the storetype to JKS .. still facing same issues:
shiva-G3QK:crucible shiva$ keytool -list
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
do you have some time to help me @Vishnu G @Rodrigo M
thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.