Sorry, a communication error occurred while trying to contact the remote authentication server..

Navadeep July 6, 2017

Hi ,

I have installed ldap certificate properly an I am not able to login to JIRA. Below is the error message I received.

Please help me. Could there be any network issue here ?

6.4.14 - the current JIRA version we are using.

Attached is thLog-Communication Error.JPGe log file screenshot.

##########################################################

Thanks,
Nav

1 comment

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 6, 2017

If you have installed the certificate correctly, then the error message is telling you that it's not valid for accessing your LDAP server.

Navadeep M July 6, 2017

Here is the screenshot for the same

 

ldap cert.jpg

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
July 6, 2017

I can't tell you what you've got wrong in your certificates - I don't know what your server is requiring of them, or how they were generated.

But, I do know the certificate is wrong, and I'd guess it is probably self-signed.  I would expect that error message to happen because the certificate does not conform to RFC 2818, which Java insists on handling strictly.

You may want to talk to your certificate authority about:

 

 RFC 2818:

If a subjectAltName extension of type dNSName is present, that MUST be used as the identity. Otherwise, the (most specific) Common Name field in the Subject field of the certificate MUST be used. Although the use of the Common Name is existing practice, it is deprecated and Certification Authorities are encouraged to use the dNSName instead.

[snippy as not needed]

In some cases, the URI is specified as an IP address rather than a hostname. In this case, the iPAddress subjectAltName must be present in the certificate and must exactly match the IP in the URI.

Navadeep M July 6, 2017

Hi Nic,

Articulated the whole scenario in few steps. Please dont mind.(this is to give a clear picture to you on what happened exactly)

Well, this is the same certificate I am using which worked fine 10 days back.

Below is the overview of the things I did few days back, which will give you some idea on what has happened.

Our goal is to upgrade the current version of JIRA(6.3.12) to latest available version.

A DEV environment is been created and given to me to have the complete cycle ready(6.3.12 to 7.3.X)

1. Replicated the same environment(6.3.12) of JIRA from PROD to DEV.(PostgreSQL to Oracle 11g) using XML Backup.

2. Upgraded 6.3.12 to 6.4.14

3. Informed DBA to manually migrate data from 11g to 12c(as 6.4.14 supports both 11g and 12c)

4. Used the same ldap certificates during the step-1 and it worked fine.

5. Due to some issues in Confluence, I requested my linux admin to remove the Confluence user. But by mistake he removed JIRA user instead of Confluence user.

(Till here I was able to login with the LDAP use creds, as I have implemented them in the 1st step)

6. As I was not able to proceed with 7.0 upgrade(JIRA user missing), I have completely wiped out everything from the application server and restarted installing 6.4.14 directly on to the server.

7. As I have the 12c database available with the data, I have installed 6.4.14 and able to connect to the database.

8. When I used "keytool" to authenticate LDAP users(screenshot shared earlier), I have been thrown with this error.

(Sorry, a communication error.......)

 

Thanks,

Navadeep

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events