Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Can't connect to MySQL anymore - SSLHandshakeException Edited

JIRA version = 8.5.4, Java Version = 1.8.0_292, MySQL  5.7.33-0ubuntu0.18.04.1 on Ubuntu 18.04 LTS

Everything was running fine until I had to reboot the server today. I haven't touched anything in my Jira config in months, all that might have happened is that an OS update might have updated MySQL, although I'm pretty sure I had 5.7 to begin with.

The dbconfig.xml connection URL looks like this (file is unmodified since a year):

<jdbc-datasource>
<url>jdbc:mysql://address=(protocol=tcp)(host=localhost)(port=3306)/jiradb?sessionVariables=default_storage_engine=InnoDB</url>
<driver-class>com.mysql.jdbc.Driver</driver-class>

...

The errors I see in my log are those:

2021-05-05 23:58:38,269+0200 JIRA-Bootstrap INFO [c.a.j.config.database.SystemDatabaseConfigurationLoader] Reading database configuration fr
om /var/atlassian/application-data/jira/dbconfig.xml
2021-05-05 23:58:38,295+0200 JIRA-Bootstrap INFO [c.a.j.config.database.DatabaseConfigHandler] Trying to get encrypted password from xml and
decrypt it
2021-05-05 23:58:38,296+0200 JIRA-Bootstrap INFO [c.a.j.config.database.DatabaseConfigHandler] Database password decryption not performed.
2021-05-05 23:58:38,556+0200 JIRA-Bootstrap ERROR [c.a.config.bootstrap.DefaultAtlassianBootstrapManager] Could not successfully test your d
atabase:
com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure

The last packet successfully received from the server was 81 milliseconds ago. The last packet sent successfully to the server was 76 milliseconds ago.

...

Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:171)
at sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
at sun.security.ssl.TransportContext.kickstart(TransportContext.java:220)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:428)
at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:186)

Changing the JDBC URL to

jdbc:mysql://localhost:3306/jiradb?useUnicode=true&characterEncoding=UTF8&sessionVariables=default_storage_engine=InnoDB

as shown in https://confluence.atlassian.com/jirakb/change-mysql-connection-url-for-jira-server-874744240.html brings up the server in "new" mode, i.e. it asks me to configure the database and so on (obviously I already have a database with plenty of Jira data in it)

I've already checked this, but don't think the solutions apply since they only seem to be relevant for older MySQL and Jira versions.

Any help is appreciated!

1 answer

The reason for this was probably caused by a minor upgrade of mysql from 5.7.something to 5.7.33 which according to this replaces yaSSL (which only supports TLS 1.1) with OpenSSL (which only supports TLS 1.2 or 1.3).

I'm not sure if this is then a limitation of my 5.1.48 mysql-jdbc driver or something else in the JRE, at any rate, specifically setting ssl = 0 in my mysql conf (which was previously not set at all), rebooting mysql, then rebooting Jira solved the problem.

Since I only use localhost connections on that mysql server, that shouldn't be a problem, but I'd be curious as to how to make this work without disabling SSL in mysql.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
TAGS
Community showcase
Published in Confluence

Introducing External Collaboration for Confluence

We’re excited to introduce external collaboration for Confluence, now available in early access. It is available to preview for Confluence Cloud Premium and Enterprise customers. (If you're not on ...

186 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you