Problem with comment/create email handler over Pop3s

Hello,

I have a problem with my comment/create email handler. I need to connect to POP3 mailbox on our exchange server over SSL. I have followed instructions on following link https://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services but I am still getting error in jira logs when create/comment service runs from jira : “javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target”

All certs are imported to form a valid path. In my case it’s something like this CA01>CA02>CA04>OWA. Server was restarted after import but error remains.

I have used InstallCert for import, and when using command “java InstallCert my.owa.com” im getting message that certificate is already trusted.

I have also tried with class SSLPoke class from documentation and again “java SSLPoke my.owa.com 995” > Successfully connected

Tried also to check for Djavax.net.ssl.trustStore, and pointed it at my cacerts.

java -Djavax.net.ssl.trustStore="C:\Program Files\Java\jdk1.6.0_29\jre\lib\security\cacerts" SSLPoke my.owa.com 995

This command was also successfull, but this java property is missing anyway in java configuration for tomcat. Do i have to set it?

tomcat6w //ES//%SERVICENAME%

Am I missing something? Do I need to set some additional configuration, maybe in server.xml or something like that? Currently my jira is running in http, I only have to use ssl to access this pop3 account.

Jira 4.2 , java 1.6_29, oracle 10g, windows server 2003 SE SP2

Please advise, thank you!


Kind regards

2 answers

1 accepted

Accepted Answer
1 vote

Hi Marko,

If the SSLPoke app that I contributed works for you, you can be sure that if JIRA were to use the same cacerts file, then it too would be able to connect. From this, I can only guess that a different JRE is being used? Can you confirm that the very same JRE path is referred in JIRA system properties?

Dear Andy,

I can’t believe I have missed that tomcat was using default jvm from jira installation bin folder… C:\Program Files\Atlassian\JIRA 4.2.4-b591\jre\bin\server\jvm.dll…and I was right there looking at it…

Please post this as an answer so I can mark it as correct one.

Thank you very much, kind regards.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Sep 25, 2018 in Jira

Atlassian Research Workshop opportunity on Sep. 28th in Austin, TX

We're looking for participants for a workshop at Atlassian! We need Jira admins who have interesting custom workflows, issue views, or boards. Think you have a story to sha...

456 views 7 5
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you