Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Jira rest java client https problem

Hamza KOHEN January 1, 2014

Hi all,

Its been a long time i am strugling with this problem : i use Jira rest java client in a java app this way :

MainInterface.factory= new AsynchronousJiraRestClientFactory();
				
MainInterface.restClient =  (MainInterface.factory).createWithBasicHttpAuthentication(MainInterface.jiraServerUri, login, pass);

But i'm triying to access to a jira instance of my company which url is : https://jira.xxxx.com/

the probleme is that i keep having this issue :

javax.net.ssl.SSLHandshakeException: General SSLEngine problem
	at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source)
	at javax.net.ssl.SSLEngine.wrap(Unknown Source)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doWrap(SSLIOSession.java:220)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:254)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:370)
	at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
	at java.lang.Thread.run(Unknown Source)

I tiyed to add the certitifcate to the the truststore but its effectless. I tried also some clues found on the net but nothing changes. Please if someone can give me a hand on this one it would be very nice . Thanks in advance !

9 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

1 vote
Sudhirkumar Tupe
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 7, 2014

HI Aleksander Mierzwicki [Atlassian]

What to do if certificate is expired??

I am trying to access JIRA of my client. Getting SSL handshake exception. :)

1 vote
Hamza KOHEN January 9, 2014

Hello Aleksander,

Sorry for the late answer i didnt have much time to work on this subject. I figured out that the cert of the jira instance i'm tying to ping changes each week . Thus the donwloading cert trick will not work . Is there any method to tell my java app to accept/trust all certs?

Aleksander Mierzwicki _
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 9, 2014

Probably there is a way to do that but I'm not familiar with any.

Btw, it sound's like the problem is with that cert itself, not with the client ;) Why do you use ssl anyway if the certificate changes that often (to non-trusted cert)? This sounds like a big security issue (anyone can easily execute MITM attack).

You can always download and add certificate to trust store before each execution of client if you can't find a way to ignore certs ;).

0 votes
Aleksander Mierzwicki _
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 1, 2014

Can you try to fire JRJC to some server with proper cert? Like https://jira.atlassian.com/- if it will work fine (no SSL error) then you should try to play with cert store again (this should solve problem).

Did you tried this https://answers.atlassian.com/questions/202085/ssl-error-jrjc?

Dobule check that you add proper cert to certstore and that java knows where the certstore is.

Also, have you tried enabling debug mode for ssl? http://stackoverflow.com/questions/9210514/unable-to-find-valid-certification-path-to-requested-target-error-even-after-c

java -Djavax.net.debug=all -Djavax.net.ssl.trustStore=trustStore .
0 votes
Hamza KOHEN January 1, 2014
2 janv. 2014 10:18:11 org.apache.http.impl.nio.client.LoggingAsyncRequestExecutor exception
GRAVE: http-outgoing-1 [CLOSED] HTTP protocol exception: null
java.nio.channels.ClosedChannelException
	at sun.nio.ch.SocketChannelImpl.ensureReadOpen(Unknown Source)
	at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.receiveEncryptedData(SSLIOSession.java:340)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:366)
	at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.validate(BaseIOReactor.java:220)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:284)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
	at java.lang.Thread.run(Unknown Source)

0 votes
Hamza KOHEN January 1, 2014

sorry for the fragmented text ! its a pain to add several lines of code .

0 votes
Hamza KOHEN January 1, 2014
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
	at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
	at sun.security.validator.Validator.validate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
	at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
	... 17 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
	at java.security.cert.CertPathBuilder.build(Unknown Source)
	... 23 more

0 votes
Hamza KOHEN January 1, 2014
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
	at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown Source)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doRunTask(SSLIOSession.java:238)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:270)
	... 9 more

0 votes
Hamza KOHEN January 1, 2014

hi aleksander ! here is the full stacktrace :

GRAVE: http-outgoing-1 [ACTIVE] HTTP protocol exception: General SSLEngine problem
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
	at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)
	at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source)
	at javax.net.ssl.SSLEngine.wrap(Unknown Source)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doWrap(SSLIOSession.java:220)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:254)
	at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:370)
	at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320)
	at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280)
	at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604)
	at java.lang.Thread.run(Unknown Source)

0 votes
Aleksander Mierzwicki _
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 1, 2014

Is that the full stacktrace? Few more lines with CausedBy would be helpfull. If that's full stacktrace, then it will be hard to tell anything here :<.

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

TAGS
AUG Leaders

Atlassian Community Events