Connect to Active Directory over SSL

iplatitsa July 19, 2017

Hi, 

 

I have jira running behind application loadbalancer with SSL termination on the load balancer in AWS. When I am trying to run  directory sync and I am seeing failures. When I am checking catalina.out logs I am seeing:
 "PKIX path building failed" and "unable to find valid certification path to requested target errors"

These are settings of my connector in server.xml:

<Service name="Catalina">

<Connector
port="8080"
maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
scheme="https"
proxyName="jira-prod.domain.com"
proxyPort="443"
keystoreFile="/opt/atlassian/jira/jre/lib/security/cacerts" keystorePass="password"/>

Does anybody experience similar problem?

Does 

1 answer

0 votes
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 20, 2017

The most common cause for this kind of error is that the java trust store JIRA is using does not have the SSL certificate for the site/address it is trying to connect to.   The KB

Unable to Connect to SSL Services due to PKIX Path Building Failed

also explains this error and steps you can take to troubleshoot this.

Suggest an answer

Log in or Sign up to answer