Problem with comment/create email handler over Pop3s

Hello,

I have a problem with my comment/create email handler. I need to connect to POP3 mailbox on our exchange server over SSL. I have followed instructions on following link https://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services but I am still getting error in jira logs when create/comment service runs from jira : “javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target”

All certs are imported to form a valid path. In my case it’s something like this CA01>CA02>CA04>OWA. Server was restarted after import but error remains.

I have used InstallCert for import, and when using command “java InstallCert my.owa.com” im getting message that certificate is already trusted.

I have also tried with class SSLPoke class from documentation and again “java SSLPoke my.owa.com 995” > Successfully connected

Tried also to check for Djavax.net.ssl.trustStore, and pointed it at my cacerts.

java -Djavax.net.ssl.trustStore="C:\Program Files\Java\jdk1.6.0_29\jre\lib\security\cacerts" SSLPoke my.owa.com 995

This command was also successfull, but this java property is missing anyway in java configuration for tomcat. Do i have to set it?

tomcat6w //ES//%SERVICENAME%

Am I missing something? Do I need to set some additional configuration, maybe in server.xml or something like that? Currently my jira is running in http, I only have to use ssl to access this pop3 account.

Jira 4.2 , java 1.6_29, oracle 10g, windows server 2003 SE SP2

Please advise, thank you!


Kind regards

2 answers

1 accepted

Hi Marko,

If the SSLPoke app that I contributed works for you, you can be sure that if JIRA were to use the same cacerts file, then it too would be able to connect. From this, I can only guess that a different JRE is being used? Can you confirm that the very same JRE path is referred in JIRA system properties?

Dear Andy,

I can’t believe I have missed that tomcat was using default jvm from jira installation bin folder… C:\Program Files\Atlassian\JIRA 4.2.4-b591\jre\bin\server\jvm.dll…and I was right there looking at it…

Please post this as an answer so I can mark it as correct one.

Thank you very much, kind regards.

Suggest an answer

Log in or Join to answer
Community showcase
Sarah Schuster
Posted Jan 29, 2018 in Jira

What are common themes you've seen across successful & failed Jira Software implementations?

Hey everyone! My name is Sarah Schuster, and I'm a Customer Success Manager in Atlassian specializing in Jira Software Cloud. Over the next few weeks I will be posting discussion topics (8 total) to ...

3,323 views 14 20
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot