Jira fails to send webhooks to a custom URL

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

Jira is unable to send webhooks to a custom URL which requires the calling client to use SNI. This might also affect other types of links with the custom URL (eg. application links)

  • When sending webhooks to your URL (with com.atlassian.webhooks enabled for DEBUG), we don't see any WebHook successfully sent message even though we can see that the webhooks is sent
  • When sending webhooks using Service Management automation, we can see a handshake_failure error. The following appears in the atlassian-jira.log
2016-12-13 16:12:17,967 Caesium-1-4 WARN it support [execution.engine.asyncthen.AsyncThenJobProcessor] Failed executing ThenAction com.atlassian.servicedesk.plugins.automation.webhook.rulethen.WebhookThenAction asynchronously: 'Unable to obtain status code from webhook server: java.lang.RuntimeException: javax.net.ssl.SSLException: Received fatal alert: handshake_failure'

Diagnosis

cURL, wget and SSLPoke from the Jira server to the URL will work fine

Cause

The following JVM argument is being applied to the Jira instance

  • -Djsse.enableSNIExtension=false

This disables SNI support for Jira. You can try SSLPoke with this argument

computer:~/sslpoke$ java SSLPoke example.com 443
Successfully connected
computer:~/sslpoke$ java -Djsse.enableSNIExtension=false SSLPoke example.com 443
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
	at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
	at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
	at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:138)
	at SSLPoke.main(SSLPoke.java:31)

 

Resolution

Remove that JVM argument and restart Jira for it to take effect

 

Last modified on Nov 23, 2020

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.