We are running both JIRA (v5.2.6) and Confluence (v5.3.1) over SSL. They are running on the same server, but using different IP addresses. We have the security constraint in our web.xml file to force https. Lastly we are using a PFX cert exported from IIS to access the sites (had to add a keystoreType attribute to specify that it's a PKCS12 file).
Our Application Links don't work. To test it, I removed the SSL constraint in the web.xml file and changed the Base URLs to http://, and it worked. So it's just the SSL configuration that is messing things up.
I found this JIRA KB article (https://confluence.atlassian.com/display/JIRAKB/Unable+to+Connect+to+SSL+Services+due+to+PKIX+Path+Building+Failed+sun.security.provider.certpath.SunCertPathBuilderException) that tells how to make it work, but they are using Java keystores.
1. Has anyone successfully set up Application Links over SSL?
2. Is it possible to do it without using Java keystores?
I have a ticket out with Atlassian Support, but he's saying that they don't actually support Application Links over SSL, that I should either set it up over http, or check Atlassian Answers for further help.
Thanks for your response. We ended up finding a solution. I THINK it's the same as what you're suggesting. We had to basically take the Root CA cert portion of our PFX file (I'm no certificate expert) and save it as its own .crt file (I think we used OpenSSL). Then we imported that into the default Java keystore (%JAVA_HOME%/jre/lib/security/cacerts).
Again, I'm a cert novice, so I don't have full understanding as to why that worked. Does it sound like I over-complicated it?
We had this same issue.
In the end we had to make sure that the certificates were in the application directory keystores as well. e.g. Confluence/jre/security along with the base JRE directory as specfified in JAVA_HOME
We also found that you needed the domain and server certificates in the keystores.
Hope that helps
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
As part of the Bitbucket product team I'm always interested in better understanding what kind of impact the use of our tools have on the way you work. In a recent study we conducted of software devel...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs