Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Pre-migration checks not working

M. Scott Vintinner
M. Scott Vintinner May 8, 2023

I'm trying to migrate our on-prem Jira Software instance to the cloud.  Unfortunately, I'm running into all sorts of trouble with the migration assistant.

When I try the "Assess and prepare your users", I get this message:

Snag_fdf2ebe.png

If I try to jump ahead and migrate just the users, I get this message:

Snag_fe07b72.png

Messages include:

We couldn't check for Jira Work Management availability in cloud
We couldn't check for Jira Software availability in cloud
Some required URLs need authorization for migration
We couldn't check for invalid users
We couldn't check Jira Software user limit of your cloud plan
We couldn't check for Jira Work Management user limit of your cloud plan

 

The server has full access (outbound) to the Internet and I'm not seeing anything blocked on the firewall.

Unfortunately, our Jira instance is small with only 10 users, so I don't qualify for support.  It's super frustrating.

Any help would be appreciated.

Answer
Watch
Like Be the first to like this
1018 views

2 answers

1 accepted

2 votes
Answer accepted
M. Scott Vintinner
M. Scott Vintinner May 11, 2023

Posting here in case anyone else has this issue. 

So here's the essential problem: the directions for setting up SSL for Jira (here:  https://confluence.atlassian.com/adminjiraserver073/running-jira-applications-over-ssl-or-https-861253906.html)  instruct you to create a new Java keystore and put your custom SSL certificates in it.  Unfortunately, this will prevent Java from successfully completing any SSL connection to a server whose SSL certificate chain is not in the new keystore. 

Since the cloud migration assistant needs to talk to AWS servers over SSL, it fails because it cannot create the SSL connection without trusted certificate chains (that are missing from the custom keystore created following the directions above).  Normally, java would use the default keystore here, which includes the necessary root certs:

e:\Atlassian\jira\jre\lib\security\cacerts

 

To resolve the issue, I merged the cacerts into my keystore file.  In the example below jira.jks is the custom keystore that has my server's SSL certs in it.  Obviously set your passwords for your keystores as necessary (default is changeit) and make a backup copy of your jks file before doing this.

e:\Atlassian\jira\jre\bin\keytool.exe -importkeystore -srckeystore e:\Atlassian\jira\jre\lib\security\cacerts -destkeystore e:\Atlassian\jira\jira.jks -srcstorepass changeit -deststorepass changeit

After merging the cacerts file with my custom keystore and restarting Jira, the migration wizard checks now all work as expected.

There's probably some fine print somewhere that I could've read to separately specify the cacerts file or something, but this worked in a pinch and our on-prem server's days are numbered anyway.

View More Comments
Julien REBILLARD
Julien REBILLARD January 4, 2024

Hello, I have the same problem, what did you enter in your jira.pks file?

Like
Reply
0 votes
M. Scott Vintinner
M. Scott Vintinner May 8, 2023

So this appears to be due to our Java Keystore configuration that was required to allow us to use our enterprise CA for SSL certificates and LDAPS with Active Directory.  I took our Jira site offline and disabled SSL (taking the java keystore file out of the equation) and then the cloud migration wizard works test all run successfully.

Assumption at this point is that I need to add some certificates to the java keystore file that we're using.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events