Problem communicating with Crowd due to CertificateExpiredException

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

この記事はアトラシアンのサーバー製品にのみ適用されます。クラウドとサーバー製品の違いについてはこちらをご確認ください。

問題

Fisheye/Crucible fails to connect to the external directory for user authentication, and the following appears in the atlassian-fisheye-<date>.log

2015-12-21 11:00:00,000 ERROR - Could not retrieve the authentication token
com.cenqua.fisheye.user.AuthenticationException: Problem communicating with Crowd
(...)
Caused by: com.atlassian.crowd.exception.OperationFailedException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Mon Dec 21 09:00:00 EST 2015

原因

The certificate used by the external user directory is expired.

ソリューション

  1. Generate a new certificate for your external directory and configure it accordingly. You may use the following documents as a reference for the SSL configuration in Crowd and JIRA, respectively:
    1. Configuring Crowd to Work with SSL
    2. JIRA を SSL または HTTPS 上で実行する
  2. Import the new certificate into Fisheye/Crucible truststore, so it will trust the new cert and will be able to connect to the external user directory.
  3. Restart Fisheye/Crucible, then try connecting to the external user directory.
最終更新日 2018 年 7 月 31 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.