The Atlassian Marketplace Server is not Reachable Due to Peer Not Authenticated
When going to manage/add new add-ons page, this error is displayed:
The Atlassian Marketplace server is not reachable. To avoid problems when loading this page, you can disable the connection to the Marketplace server
The Confluence logs contain the following errors:
2013-10-29 14:30:17,194 WARN [http-bio-7990-exec-5] user 870x497x1 1lzkc13 XXX.XXX.XXX.XXX,127.0.0.1 "GET /plugins/servlet/upm/marketplace HTTP/1.0" com.atlassian.upm.pac.PacClientImpl Error when querying application info from MPAC: com.atlassian.marketplace.client.MpacException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
The Atlassian Marketplace needs to verify the SSL connection between Confluence and itself. This occurs because the certificate is missing or has been tampered with by the local Proxy.
If using Windows we recommend using the tool specified in Connecting to SSL services to do this as it is easier.
To resolve this you need to manually add the certificates to your truststore. There are two ways to achieve this:
Use the SSL Plugin:
- Install SSL Plugin in order to upload the Certificates into Confluence TrustStore
- Add the following Certificates, it has to be in this specific order:
- Confluence を再起動します。
Manually import the certificates using the steps below (note that you'll still need to fetch the cert files from above with openssl):
- Download the following certificates with the commands below and remove everything but the certificates themselves:
openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > marketplace.atlassian.com.crt openssl s_client -connect plugins.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > plugins.atlassian.com.crt
openssl s_client -connect marketplace.atlassian.com:443 < NUL > marketplace.atlassian.com.crt openssl s_client -connect plugins.atlassian.com:443 < NUL > plugins.atlassian.com.crt
After saving the certificates in Windows, edit them and delete everything before the "BEGIN CERTIFICATE" line and everything after the "END CERTIFICATE" line. This step is not required for Linux.
And then import them into your truststore in this order:
keytool -import -alias marketplace.atlassian.com:443 -keystore /path/to/truststore -file /path/to/marketplace.atlassian.com.crt keytool -import -alias plugins.atlassian.com:443 -keystore /path/to/truststore -file /path/to/plugins.atlassian.com.crt
The trust store is located in the following directories:
- Mac OS (not supported):
If keytool prompts for a password, the default is