My application is running in a "secure" customer network. (.. in customer's sense, with Firewalls etc.) However, the customer decides to run JIRA server (7.2x) over HTTPS protocol using a self signed certificate. (I agree: This is not a good practice: It is customer's decision I can't change.)
I need a way to tell my application to trust this customer self signed cert. (Or even any cert, if panic wins…)
How can I do that?
My application is using an old version of JIRA REST JAVA CLIENT (2.3?)
The customers cert is already imported in the cacerts. (Yes, I told the keytool to trust it, I set the javax.net.ssl.trustStore and .javax.net.ssl.trustStorePassword properties properly at run time.)
I tried the solution mentioned here too (http://stackoverflow.com/questions/2642777/trusting-all-certificates-using-httpclient-over-https/4837230#4837230), but I got a compile error in following line, because the constructor is not defined:
return new DefaultHttpClient(ccm, params);
Perhaps I am just missing the *jar in the right version. (Which version(s)?)
F1 and suggestions welcome.
I found problem source setting the javax.net.debug=ssl property:
The portecle tool (I used it to get certificate from JIRA as described here https://confluence.atlassian.com/adminjiraserver071/running-jira-applications-over-ssl-or-https-802593051.html) gave my only one certificate from JIRA server. However, my application got more than one certificate while SSL handshake from JIRA server. Afortunatelly, the output (thanks javax.net.debug=ssl) told me where to get those certificates. (URL was there.) Now I got those certificates from the respective URLs and imported them to the cacerts. SSL handshake work after that.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot