Hello,
i finished the configuration of the reverse proxy on Https for Jira and Confluence but now i have the following error on the main screen.
I think the problem is caused by the proxy, i only change the server.xml connector section. Have i to configure otherelse? I found other topic about this problem https://community.atlassian.com/t5/Jira-questions/gadget-common-error-500-using-nginx-and-HTTPS/qaq-p/1091220 but i don't find actually the origin of the problem.
Thank you for your help
Hello Julian,
Sorry to hear you are facing a problem.
Per the description of your error, it seems that you are being impacted by the problem mentioned in the article below:
Jira activity stream gadget throws gadget.common.error.500
Basically, an invalid or absence of a certificate can lead to such errors. Could you please double-check if you are using the correct certificate? Also, check if the correct baseUrl is set in the System -> General Configuration.
If that's not the problem, I saw another customer facing the same problem after configuring direct SSL with self-signed certificates in JIRA 8.0.1 tomcat. As you can see in this thread, he managed to fix it by adding his self-signed ca and server certificates to tomcats JRE Keystore:
keytool -importkeystore -destkeystore cacerts -srckeystore /opt/certs/servkeystore.p12 -srcstoretype pkcs12 -alias tomcat -deststorepass changeit -srcstorepass <yourstorepass> -validity 3650
keytool -importkeystore -destkeystore cacerts -srckeystore /opt/certs/keystore.p12 -srcstoretype pkcs12 -alias ca -deststorepass changeit -srcstorepass <yourstorepass> -validity 3650
Let me know if those suggestions work for you.
Hello,
thanks for reply! I solved yesterday this error by adding the cert (auto signed) to the Trustedstore , all was OK in the health. But today i created a new certificate with Letsencrypt (to avoid warning unsecure site) and even i added it to the Trustedstore, i have the error. I added it to the store of java and jira.
If i list the Trustedstore cert, i see my certificate. I redo exactly the same than the other auto signed certificate. Is it possible that the certificate need to respect an c
characteristics ?
here the error in atlassian-jira.log
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 308 more
I use this process for the check :
https://bitbucket.org/atlassianlabs/httpclienttest/src/master/
Result :
HTTPClient: Connection Successful to https://nas.xxx.be:443
With SSLPoke: (10 minutes before, i had an error... -_- )
root@Jira:/home/linus# java SSLPoke nas.pxxx.be 443
Successfully connected
I still have the error on the dashboard :(
An idea? Thanks !
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I solved my problem by changing the JAVA_HOME in the setenv.sh by the JRE
You need to install JRE => apt-get install default-jre
#JAVA_HOME="/opt/atlassian/jira/jre/"; export JAVA_HOME => OLD
JAVA_HOME=$JAVA_HOME => NEW
/usr/lib/jvm/java-8-openjdk-amd64/jre = $JAVA_HOME
You need to add in manually (ex : JAVA_HOME=usr/lib/jvm/java-8-openjdk-amd64/jre)
OR
declare it in /etc/environment (edit file and add JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre)
Close and repoen session
try it by taping $JAVA_HOME you will see /usr/lib/jvm/java-8-openjdk-amd64/jre
:-)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Julien,
Thanks a lot for the detailed description on how you managed to solve your issue.
have a nice week and let me know in case you have any further questions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank a lot of the detailed descriptions on the managed to solve your issue have a nice .Week and let me know is case you have any further..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.