Hello everybody i got this error from my Jira Post function
2019-12-18 10:18:17,985 ERROR [workflow.ScriptWorkflowFunction]: ************************************************************************************* 2019-12-18 10:18:18,001 ERROR [workflow.ScriptWorkflowFunction]: Script function failed on issue: BPS-813, actionId: 41, file: <inline script> com.atlassian.sal.api.net.ResponseException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.atlassian.sal.core.net.HttpClientRequest.executeAndReturn(HttpClientRequest.java:110) at com.atlassian.plugins.rest.module.jersey.JerseyRequest.executeAndReturn(JerseyRequest.java:131) at com.atlassian.plugins.rest.module.jersey.JerseyRequest.execute(JerseyRequest.java:113) at com.atlassian.applinks.core.auth.ApplicationLinkRequestAdaptor.execute(ApplicationLinkRequestAdaptor.java:47) at com.atlassian.applinks.oauth.auth.OAuthRequest.execute(OAuthRequest.java:71) at com.atlassian.sal.api.net.Request$execute$1.call(Unknown Source) at Script1224.run(Script1224.groovy:72) Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at com.atlassian.sal.core.net.HttpClientRequest.executeAndReturn(HttpClientRequest.java:105) ... 6 more Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ... 18 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ... 18 more
This is the code behind the error:
import com.atlassian.applinks.api.ApplicationLink
import com.atlassian.applinks.api.ApplicationLinkService
import com.atlassian.applinks.api.application.confluence.ConfluenceApplicationType
import com.atlassian.jira.issue.Issue
import com.atlassian.sal.api.component.ComponentLocator
import com.atlassian.sal.api.net.Request
import com.atlassian.sal.api.net.Response
import com.atlassian.sal.api.net.ResponseException
import com.atlassian.sal.api.net.ResponseHandler
import groovy.json.JsonBuilder
import groovy.json.JsonSlurper
import com.atlassian.jira.component.ComponentAccessor
import com.atlassian.jira.issue.Issue
import groovy.xml.MarkupBuilder
/**
* Retrieve the primary confluence application link
* @return confluence app link
*/
def ApplicationLink getPrimaryConfluenceLink() {
def applicationLinkService = ComponentLocator.getComponent(ApplicationLinkService.class)
final ApplicationLink conflLink = applicationLinkService.getPrimaryApplicationLink(ConfluenceApplicationType.class)
conflLink
}
def confluenceLink = getPrimaryConfluenceLink()
assert confluenceLink // must have a working app link set up
def authenticatedRequestFactory = confluenceLink.createImpersonatingAuthenticatedRequestFactory()
def writer = new StringWriter()
def xml = new MarkupBuilder(writer)
def pageTitle = issue.getSummary()
def pageBody = """h3. Lauda
{quote}dgkbn kjc.,vmn {quote}
"""
def params = [
type : "page",
ancestors: [
[
type:"page",
id : "12517392",
]
],
title: pageTitle,
space: [
key: "BPS" ],
body : [
storage: [
value : pageBody,
representation: "wiki"
],
],
]
authenticatedRequestFactory
.createRequest(Request.MethodType.POST, "rest/api/content")
.addHeader("Content-Type", "application/json")
.setRequestBody(new JsonBuilder(params).toString())
.execute(new ResponseHandler<Response>() {
@Override
void handle(Response response) throws ResponseException {
if (response.statusCode != HttpURLConnection.HTTP_OK) {
throw new Exception(response.getResponseBodyAsString())
} else {
def webUrl = new JsonSlurper().parseText(response.responseBodyAsString)["_links"]["webui"]
}
}
})
Mostly happens in environments with their own PKI.
Ensure that you trust the Server Certificate of the destination Url (File "cacerts" in $JAVA_HOME.
When connecting two servers or rather application via HTTPS, the public SSL certificate from each server must be added to the other server's JVM trust store, as described here: https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html. After importing you need to restart Jira Services.
If you have a lower environment like dev or stage, then you would want to try this and see if that is going to help.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.