JIRA Documentation

JIRA 6.4.x
JIRA 6.0 Documentation
JIRA 5.2 Documentation
JIRA 5.1 Documentation
More...
 

 

Search the Knowledge Base and Documentation Spaces

You're visiting the JIRA Knowledge Base. Visit the JIRA Knowledge Base Home for an overview.

Skip to end of metadata
Go to start of metadata

Contents

Diagnosis

Here are some troubleshooting tips if you are using a self-signed key created by keytool, as described above.

When you enter "https://localhost:8443" in your browser, if you get a message such as "Cannot establish a connection to the server at localhost:8443", look for error messages in your logs/catalina.out log file. Here are some possible errors with explanations:

SSL + Apache + IE problems

Some people have reported errors when uploading attachments over SSL using IE. This is due to an IE bug, and can be fixed in Apache by setting:

Google has plenty more on this.

Can't find the keystore

This indicates that Tomcat cannot find the keystore. The keytool utility creates the keystore as a file called .keystore in the current user's home directory. For Unix/Linux the home directory is likely to be /home/<username>. For Windows it is likely to be C:\Documents And Settings\<UserName>.

Make sure you are running JIRA as the same user who created the keystore. If this is not the case, or if you are running JIRA on Windows as a service, you will need to specify where the keystore file is in conf/server.xml. Add the following attribute to the connector tag you uncommented:

Incorrect password

You used a different password than "changeit". You must either use "changeit" for both the keystore password and for the key password for Tomcat, or if you want to use a different password, you must specify it using the keystorePass attribute of the Connector tag, as described above.

Passwords don't match

You specified a different value for the keystore password and the key password for Tomcat. Both passwords must be the same.

Wrong certificate

If the Keystore has more than one certificate, Tomcat will use the first returned unless otherwise specified in the SSL Connector in conf/server.xml.

Add the keyAlias attribute to the Connector tag you uncommented, with the relevant alias, for example:

Using JAVA 6 with JIRA 6.x

If all parameter were correctly set, and the SSLPoke test mention in the page Unable to Connect to SSL Services due to PKIX Path Building Failed sun.security.provider.certpath.SunCertPathBuilderException is also OK.

The following error message appeared in the outgoing authentication configuration screen for the application link:

If you're running JIRA 6 with JAVA 1.6, you might need to upgrade to JAVA 1.7. Please refer to the page Supported Platforms for JIRA 6.0.

Common Causes for SSL issues

Expand the titles below to see the common causes for SSL issues:

Knowledge Base Articles

Check known SSL issues from our Knowledge Base
  • No labels