Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address

Prakash Krishna1
Prakash Krishnaswamy November 16, 2015

I am trying to tie Active Directory . Have installed certificate from windows admin as mentioned in following link 

https://confluence.atlassian.com/jira/configuring-an-ssl-connection-to-active-directory-229838539.html

But JIRA is throwing following error

Error:

Connection test failed. Response from the server:
AUSTAD-PRD.amat.com:636; nested exception is javax.naming.CommunicationException: AUSTAD-PRD.amat.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxx.xxx.xxx.xx found]

Answer
Watch
Like Be the first to like this
2646 views

3 answers

0 votes
Pawel Rozek
Pawel Rozek November 13, 2018

I know this is quite an old issue, but I had a similar error coming up. It seems that Atlassian documentation mentions that "Once the certificate has been imported as per the below instructions, you will need to restart the application to pick up the changes." That worked for me to resolve my issue.

Reply
0 votes
rrudnicki
rrudnicki
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 17, 2015

Hi Prakash, 

Can you verify if some IP Address or hostname has changed? Looks like your AD is not recognising the JIRA Certificate using  AUSTAD-PRD.amat.com with your xxxx.xxxx.xxxx.xxxx IP Address. 

 

Regards, 

Renato Rudnicki

Reply
0 votes
Sebastian Lotter
Sebastian Lotter November 16, 2015

Hi Prakash,

I saw the same exception after a java update to 7u7x as it is quite strict checking the IP in the certificate (see http://stackoverflow.com/questions/9185489/x509-subject-alternative-name-subjectaltname-ip-address-field). AFAIK there are two options:

a) Downgrade to 7u5x

b) Issue a new server certificate for your AD server including a subject alternate name for the IP of this server. No idea how this works in the windows world. For our Linux-Server it was a straightforward command line / configuration option.

Sebastian

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events