Stash connection to non-default ports using TLS1.2 fails with SocketException: Connection reset


On this page

Still need help?

The Atlassian Community is here for you.

Ask the community


We perceived this issue specifically when a customer was using the 1.8.0_40-b25 JRE we ship with Stash to sync with his LDAP server.

It failed with the following message in the atlassian-stash.log:

 2015-04-30 07:02:21,198 ERROR [clusterScheduler_Worker-4]  c.a.c.d.DbCachingDirectoryPoller Error occurred while refreshing the cache for directory [ 32770 ].
org.springframework.ldap.CommunicationException: simple bind failed:; nested exception is javax.naming.CommunicationException: simple bind failed: [Root exception is Connection reset]
Caused by: Connection reset
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at ~[na:1.8.0_40]
	at com.sun.jndi.ldap.Connection.createSocket( ~[na:1.8.0_40]
	at com.sun.jndi.ldap.Connection.<init>( ~[na:1.8.0_40]
	... 54 common frames omitted


The customer was connecting to his LDAP server using:


This stack overflow post details the tests done around that specific issue.

To sum up, Java 8 adds TLS1.2 as default and when using this protocol to connect to a port other than the default (443) one, it doesn't work. This could be due to a bug in Java 8.




  • Workaround 1: Add the following line to JVM_SUPPORT_RECOMMENDED_ARGS in STASH_INSTALL/bin/ to switch enable TLSv1 and restart Stash:
  • Workaround 2: Downgrade your Java to Java 7.


Use a version of Java 8 that doesn't contain this bug.


Last modified on Mar 30, 2016

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.