Accessing Fisheye/Crucible over SSL results in "ERR_SSL_VERSION_OR_CIPHER_MISMATCH"

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

After configuring SSL for Fisheye/Crucible, following Fisheye SSL configuration, and accessing the URL https://<mydomain.com>:8443, for example, the browser shows the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

Environment

Fisheye/Crucible 4.7, 4.8

Diagnosis

Check the keystore type: 

1 2 3 4 $JAVA_HOME/bin/keytool -v -list -keystore "<full-path-to-keystore-file>" Enter keystore password: Keystore-Type: PKCS12 Keystore-Provider: SUN

Cause

The keystore type is PKCS12, whereas Fisheye/Crucible works with JKS, which is the default for Java 8.

Solution

If the keystore was generated with java >8, or explicitly set to PKCS12, it will need to be converted to JKS type. An example on how to convert this would be:

1 keytool -importkeystore -srckeystore <sourcekeystore> -srcstoretype pkcs12 -srcstorepass <password> -srcalias <alias> -destkeystore <destinationkeystore>.jks -deststoretype jks -deststorepass <password> -destalias <alias>

Updated on March 21, 2025
Platform
Data Center only
Products
Crucible Data Center
Fisheye Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community