Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Connect Jira service management to IMAPS e-mailserver

Kees-Jan Lammers
Kees-Jan Lammers June 28, 2021

Hi,

I'm trying to connect JIRA service management to an inbox using IMAPS. Whenever i try to connect (through project settings -> e-mail requests, using the correct credentials) i get the following error:

Received fatal alert: handshake_failure

If i try to set up an e-mailserver it seems to work. Trying to test the configuration of an e-mailhandler however gives this error:

javax.mail.MessagingException: Received fatal alert: handshake_failure while connecting to host 'blabla' as user 'servicedesk@yadayada.com' via protocol 'imaps, caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Usually i would add the ssl certificate to the java keystore and try again. Problem is, we use JIRA service management as SaaS, so i don't think we have access to this java keystore.

Does anyone have any ideas on how to fix this?

Kind regards,

KJ

Answer
Watch
Like Be the first to like this
354 views

1 answer

1 accepted

1 vote
Answer accepted
Charlie Misonne
Charlie Misonne
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 28, 2021

Hi Kees-Jan,

I'm afraid you can't connect to a service using a self-signed or in-company CA certificate in Atlassian Cloud.

This can be read on Configuring Jira applications to receive email from a POP or IMAP mail server.

2021-06-28 14_51_34-Configuring Jira applications to receive email from a POP or IMAP mail server _ .png

Are you able to replace your mail server's certificate signed by a public CA?

View More Comments
Kees-Jan Lammers
Kees-Jan Lammers June 28, 2021

Hi Charlie,

Thanks for checking out this problem and replying. I did overlook this particular potential issue. However, i double checked and i'm not using a self signed certificate/in-company CA certificate, so i guess this shouldn't be a problem :)

Do you have any other ideas?

Kind regards,

Kees-Jan

Like
Charlie Misonne
Charlie Misonne
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 28, 2021

Well that's odd.

Do you use an on premise / self managed email server? Perhaps something is wrong with its key chain? A missing intermediate certificate for example.

To identify those types of issues I often the openssl command like:

openssl s_client -connect <hostname>:<port>

You can find similar websites on the we doing those checks for you. Example: www.sslshopper.com but I'm not sure whether it supports custom ports.

Or if you are using a SaaS mail solution like Office 365, Gmail, Hotmail, this is out of your league and I would suggest contacting Atlassian Support instead.

Like
Matthijs Laan
Matthijs Laan June 29, 2021

The certificate is signed by Sectigo:

$ openssl s_client -connect <hostname>:443
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 CN = <hostname>
verify return:1
---
Certificate chain
0 s:CN = <hostname>
i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
---

 Maybe related to https://jira.atlassian.com/browse/JRACLOUD-76343

Like
Charlie Misonne
Charlie Misonne
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 29, 2021

Well indeed, that's definitely related. And not much to do about it apparently.

You could contact support to make sure this is the issue you're dealing with .

Like
Kees-Jan Lammers
Kees-Jan Lammers June 30, 2021

No, apparently not. Too bad, we'll have to try something different than..

Thanks for your input, Charlie!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events