JIRA - Gadgets and SSL Edited

Hi all 

Small amount of information;

  • Jira v7.5
  • Running on CentOS 7
  • SSL configured
  • HTTPS over port 8443
  • Certificate signed by internal CA
    • Root CA added to truststore
    • Public certificate added to truststore

I have a question regarding using gadgets on the dashboard. 

When I add a gadget, the title shows as _MSG_Gadget_.

I followed the following link; 

https://confluence.atlassian.com/jirakb/how-to-fix-gadget-titles-showing-as-__msg_gadget-813697086.html

This brings me to the following page;

https://confluence.atlassian.com/kb/unable-to-connect-to-ssl-services-due-to-pkix-path-building-failed-779355358.html

I downloaded the SSLPoke.class file and SCP'd it to my JIRA server. 

Once used, I got the exact same error as on the page.

JorenDB_—_root_jira__opt_atlassian_jira_jre_bin_—_ssh_root_jira_mobco_hq_—_87×51.png

When adding my own truststore that I created for JIRA (to use JIRA over HTTPS), I get "successfully connected". 

JorenDB_—_root_jira__opt_atlassian_jira_jre_bin_—_ssh_root_jira_mobco_hq_—_201×51.png

This means that my root CA has been added to the truststore (of which I was certain even before this check). 

Then my question is; does anybody know how to solve this issue? 

If any more information is required; I'll be glad to give it! 

Thanks in advance

 

2 answers

1 accepted

This widget could not be displayed.

Hi all 

Issue has been resolved. 

Had to add my root CA to the jira /security/cacerts truststore!

Kind regards

This widget could not be displayed.
Brian Cohen Atlassian Team Nov 21, 2017

Hi!

As a next test I would recommend setting the Jira JVM argument to set the trust store to match the successful command above.
It may be that Jira isn't using the correct trust store.

In Linux you can edit the <jira-install>/bin/setenv.sh, find the JVM_SUPPORT_RECOMMENDED_ARGS=

and add to this -Djavax.net.ssl.trustStore=/opt/atlassian/jira/jira.jks

This assumes your Jira is running using the Embedded JRE as opposed to having a System JDK installed.

The alternative approach would be to install the Java JDK on your system and point Jira to use this. You would then add the certificates to the JVM default keystore:
$JAVA_HOME/jre/lib/security/cacerts

 

Another possible cause of the problem could be having iptables running on the machine or a proxy causing issues.

 

Best regards,
Brian

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

124 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you