Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Fisheye SSL issue

Vishnu G July 20, 2018

Hi,

   As per following document https://confluence.atlassian.com/fisheye/fisheye-ssl-configuration-298976938.html we configured fisheye SSL but unfortunately I am not able to access through secure port (I am able to access non secure port: http://<host name>:8060/crucible)

Below are my environment details:

Version: fisheye/4.5.2

Java Version : 1.8.0_162
Java Vendor : Oracle Corporation

 

I am able to see the below in log:

Webserver Setup
--------------------------
Site Url : https://<host name>:9443/crucible
Web Context :crucible
Http Bind ::8060
Https Bind ::9443
Https Context :crucible

 

Please suggest.

 

Thanks.

1 answer

1 vote
Rodrigo M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 25, 2018

Hello Vishnu!

What happens when you try to access Fisheye through HTTPS in the browser? Can you let us know what error is displayed in the browser?
Screenshots are welcome.

In addition, you can also check for errors in Fisheye logs after starting Fisheye to have a better idea of the error being thrown in the logs. The log files are located in <FISHEYE_INST>/var/log/atlassian-fisheye-yyyy-mm-dd.

Regards,
Rodrigo

Vishnu G July 25, 2018

thanks for your response and below are the details,

I have enabled DEBUG mode but I don't see any thing in logs when I tried HTTPS through web browser.

Below is the exception I am getting in Chrome.

This site can’t provide a secure connection

server.com uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCHHIDE DETAILSUnsupported protocolThe client and server don't support a common SSL protocol version or cipher suite.

 

I tried to few Ciphers but didn't succeed. Please suggest.

Vishnu G July 25, 2018

We are not using any proxy server.

Rodrigo M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 25, 2018

Hi Vishnu

I believe the error, from searching online, is as it states, there is a mismatch in the cipher suite being provided and what is supported by the protocol provided and your JVM. You can use the two resources below to investigate:

Despite that, I just want to clarify that the example provided on the page is just to show how you can specify adding and excluding protocols and cipher suites. The values you actually provide will be based on what your certificate, java version, and or your security team require. It is not necessarily needed to complete SSL setup. Once you’ve followed the steps on our FishEye SSL Configuration page you should be able to access your site via HTTPS at the port you’ve defined.

Regards,
Rodrigo

Vishnu G July 26, 2018

Thank you for providing those info.

Vishnu G August 21, 2018

Create the JKS file from the PKCS#12 file generated above – use the same password for the both deststorepass and destkeypass:

keytool -importkeystore 
	-deststorepass <MY_DESTINATIONSTORE_PASSWORD> -destkeypass <MY_DESTINATIONKEY_PASSWORD> 
	-destkeystore <keystore file name> -srckeystore <p12 output file> 
	-srcstoretype PKCS12 -srcstorepass <MY_PKC12_KEYSTORE_PASSWORD> 

 

Using JKS format directly fixed the issue, I didn't convert the format to PKC12 like above.

Thanks.

 

Like Shiva-NCR likes this
Shiva-NCR November 3, 2018

Hi @Vishnu G I am having the same issue ... I'm not clear when you say "Using JKS format directly fixed the issue, I didn't convert the format to PKC12 like above." .. can you please elaborate what you needed to do to fix the issue? Thanks!

Shiva-NCR November 3, 2018

shiva-G3QK:crucible shiva$ keytool -list

Enter keystore password: 

Keystore type: PKCS12

Keystore provider: SUN

 

do you mean to say the Keystore type should be JKS here? Thanks!

Shiva-NCR November 3, 2018

I changed the storetype to JKS .. still facing same issues:

 

shiva-G3QK:crucible shiva$ keytool -list

Enter keystore password: 

Keystore type: JKS

Keystore provider: SUN

 

Your keystore contains 1 entry

 

do you have some time to help me @Vishnu G @Rodrigo M

 

thanks!

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events