Enable DEBUG logging for SSL Handshake

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible


Purpose

When Confluence refuses or drops an SSL/TLS connection coming from a remote server or client, the first stop to investigate is whether the SSL Handshake is happening between the source and the destination. 

The only way to understand what is happening during the SSL Handshake is to get more information on the underlying mechanism.

For Reference: 

RFC 5246 - The Transport Layer Security (TLS) Protocol

Oracle - Debugging SSL/TLS Connections

Solution

The solution here is to enable DEBUG logging for SSL Handshake to understand why Confluence server dropped that connection:

  • Stop Confluence server
  • Add a JVM Argument
    • Modify the file setenv.sh or setenv.bat found in <confluence-install>/bin

    • Add the argument to CATALINA_OPTS

      CATALINA_OPTS="-Djavax.net.debug=ssl:handshake:verbose ${CATALINA_OPTS}"
    (warning) Note that this will insert a large amount of messages in the log file. Make sure to disable it once you are done with the investigation.

  • Start Confluence

  • The logs can been found in <install directory>/logs/catalina.out


Last modified on Jan 27, 2023

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.