Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Peer not authenticated Jira OAuthTutorialClient

Roger Crerie
Roger Crerie June 5, 2018

I have been tasked to learn about using OAuth for an application we are developing.  I have downloaded the OAuthTutorialClient and followed the instructions found here....
https://developer.atlassian.com/server/jira/platform/oauth/

After following the instructions all I am seeing is the following.....

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
at com.google.api.client.http.apache.ApacheHttpRequest.execute(ApacheHttpRequest.java:67)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:981)
at com.google.api.client.auth.oauth.AbstractOAuthGetToken.execute(AbstractOAuthGetToken.java:73)
at com.atlassian.oauth.client.example.JiraOAuthClient.getAndAuthorizeTemporaryToken(JiraOAuthClient.java:37)
at com.atlassian.oauth.client.example.OAuthClient.handleGetRequestTokenAction(OAuthClient.java:69)
at com.atlassian.oauth.client.example.OAuthClient.execute(OAuthClient.java:51)
at com.atlassian.oauth.client.example.ClientMain.main(ClientMain.java:23)

 

I am running Jira (v7.1.10#71014-sha1:8f9212c). Java version openjdk version "1.8.0_171". It is running behind a Apache HTTP reverse proxy.  The server.xml file is setup properly to handle the reverse proxy with proxyName=<proxy name> proxyPort="443" scheme="https" secure="true"

 

We have no problems access Jira normally behind the proxy so there shouldn't be any problems there.  Can I get any advice as to what to look for to help debug this problem?

 More INFO:

After turning on SSL debugging I saw that I needed to put the Jira servers certificate on my system running the tutorial client.  I added the cert via key tool but now still am seeing a problem but this time it is a hangup which is causing the peer not authenticated problem.....

main, WRITE: TLSv1.2 Handshake, length = 221
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
main, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, IOException in getSession(): javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Answer
Watch
Like Be the first to like this
2344 views

2 answers

0 votes
nevro
nevro April 14, 2020

Reason for this is peer (the instance try to access by OAuthTutorialClient ) not secure.

if you try to access the instance with https:// url_for_instance.com using a browser it shows that not secure. 

so you need to secure the peer by installing valid cert  to host server (where peer is hosted) create secure connection. 
When I faced the same issue, that's  how I sorted out it.

Reply
0 votes
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 5, 2018

@Roger CreriePlease could you  state exactly  what you hope to  achieve using OAuth ?

View More Comments
Roger Crerie
Roger Crerie June 5, 2018

Eventually we want to try to use OAuth to have an application use it sometimes to get Jira ticket information. We want to try and do this instead of having to store username/password information and get the Jira ticket information with BasicAuthentication. Again this is a trial to see if this is going to be able to do what we want it to do. My first goal was to use the tutorial to see what is possible.  My problem is that I can't get the trial application to get me a request token so I can move forward in the OAuth Process.

Like
Moses Thomas
Moses Thomas
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 5, 2018

@Roger CrerieIt is  quite complex  topic it took  me some time to  understand and make it work in my  instance  the same specification you've just ask. 

1. You need to configure application links (in coming) , that is third party application with you jira instance, see good article https://www.prodpad.com/blog/tech-tutorial-oauth-in-jira/ on how to configure application link for third party.

Also see how to generate public and private key,

https://confluence.atlassian.com/jirakb/how-to-generate-public-key-to-application-link-3rd-party-applications-913214098.html

 

2. You will need to generate Access token, (doing the OAuth dance) I suggest you use Python code to generate it , easier. https://bitbucket.org/atlassian_tutorial/atlassian-oauth-examples/src/3f0d22c5b1d8749fae6f05aa3556ca8ac3724b5a/python/?at=default

 

Once you are able to generate this access token if you succeed it will display a link to ( log in as this user Admin for example which you want to use to access Jira data,(tickets in Jira for example) then approve access to Jira using this user.

 

3. Then you can use this user in you external application(code to access Jira, by adding private key parameter in python code for instance that accesses Jira data in  your Jira instance)

 

Best, I hope this helps.

Like
Roger Crerie
Roger Crerie June 5, 2018

Thanks for this. I have followed basically the same instructions here... https://developer.atlassian.com/server/jira/platform/oauth/ 

The are basically the same thing as what you have listed. I have done the step 1 part but my problem now is getting through step 2 (getting the Access Token) I can't get the link back from the Jira server for some reason.  Again turning on debugging (I am using the Java oauth example client) with -Djavax.net.debug=ssl,handshake showed me the Jira seems to be closing the connection for some reason (I cannot find the log file to see why) 

main, WRITE: TLSv1.2 Handshake, length = 235
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
main, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
main, WRITE: TLSv1.2 Alert, length = 2
main, called closeSocket()
main, IOException in getSession(): javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

 

I will keep messing around to see if I can find the proper log file letting me know why the Jira server is closing the connection.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events