Cannot add JIRA as a trusted application due to multiple trusted applications
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
The atlassian-confluence.log contains this error:
2008-04-30 15:37:29,524 ERROR [http-8040-Processor22] [[Catalina].[localhost].[/confluence].[noop]] invoke Servlet.service() for servlet noop threw exception
java.lang.NullPointerException
at com.atlassian.seraph.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:86)
at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:28)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
...
at java.lang.Thread.run(Thread.java:619)
または
java.lang.NullPointerException
at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter$CertificateServerImpl.writeCertificate(TrustedApplicationsFilter.java:201)
at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:90)
at com.atlassian.confluence.util.AbstractBootstrapHotSwappingFilter.doFilter(AbstractBootstrapHotSwappingFilter.java:30)
at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:150)
原因
Confluence cannot fetch or process the keypair from KEYSTORE:
JIRA Trusted Application console
The connection to host http://yourdomain.com could not be established due to an error:
java.io.IOException: Server returned HTTP response code: 500 for URL: http://yourdomain.com/admin/appTrustCertificate.
There may be other entries in the KEYSTORE table from other trusted connections between Confluence (for instance Fisheye). The query to retrieve the keypair may retrieve all keys from KEYSTORE but the code relies on the assumption that only one keypair (the one for JIRA) is present in the table.
ソリューション
Newer Confluence versions (7.19.X and 8.5.X) do no longer allow JSP files to be loaded from the <confluence-install-dir>. Hence, you need to follow the steps in CONFSERVER-93646 - Getting issue details... STATUS for this resolution.
データベースを変更する前には必ずデータをバックアップするようにします。
- Delete all entries in the Confluence DB table: KEYSTORE
- Delete all of the Confluence entries in the JIRA DB table: trustedapp
- Run this JSP in Confluence to create a fresh keypair in KEYSTORE
- Set up trust in JIRA