Synchronisation are not working after updating Java

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Problem

After updating Java, crowd no longer synchronised with Confluence and Jira.

The following appears in the atlassian-confluence.log or atlassian-jira.log

1 2 2015-07-21 14:03:17,348 ERROR [scheduler_Worker-3] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 294914 ]. com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.CommunicationException: xxxx.xxxxxx.xx:xxx; nested exception is javax.naming.CommunicationException: xxxx.xxxxxx.xx:xxx [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names matching IP address xxx.xxx.xx.xx found]

Diagnosis

Environment

  • Java version: 1.7.0_45 and 1.8.0_51 ( There might be other java version that are affected)

Cause

If the instance is using SSL, you will need to explicitly state the IP address in the certificate. For more information you may read this blog.

Solution

Workaround

  • Add the following parameter in Setenv,sh. Make sure Secure SSL is ticked.

    1 -Djdk.tls.trustNameService=true

Resolution

  • If you'd like to connect via using IP as hostname, your certificate should include that ip value as a subject alternative name value (of type IPAddress : key=7).

  • If you'd like to connect via using DNS as hostname, your certificate should either include that DNS name as a subject alternative name value (of type DNS : key=2) or as a CommonName(CN) value.

Updated on April 2, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community