'Can't get a secure connection' error on Jira Server mobile app

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

この記事はアトラシアンのサーバー製品にのみ適用されます。クラウドとサーバー製品の違いについてはこちらをご確認ください。

問題

The Jira Server mobile app throws the following error when a user tries to connect it to an existing Jira server site:

Can't get a secure connection

Either there's a problem with your site's certificate, or you need to install the certificate on your device. 


原因

The errors above appear when you've entered a HTTPS address, but the app can't get a HTTPS connection to your site. 

この原因として、以下のことが考えられます。

  • your certificate is self signed.
  • the Certificate Authority (CA) is unknown, or is not one that Android / iOS trusts by default  (for example it might be a new CA that is not yet trusted, or a private CA).
  • 証明書チェーンに影響を与える中間 CA が証明書に含まれていない
  • your site has HTTPS enabled, but your proxy is not configured to allow TLS 1.2 traffic.

ソリューション

tip/resting Created with Sketch.

Not an admin? Send this page to your Jira administrator and ask them to look into the problem for you.

The resolution will depend on the cause of your problem. 

HTTPS

Although you can log in with HTTP, in most circumstances we would recommend enabling HTTPS on your Jira site. 

詳細を見る...

There are two main ways you can do this:

To prevent disruptions to your site, we recommend testing these changes in a staging environment first. 

Certificate issues

If your site uses a self-signed certificate, rather than one from a recognised Certificate Authority, you'll need to install the certificate on your device, in order to log in.  Be careful, and always check with your administrator or IT team to make sure you're obtaining the certificate from the right place.

Some browsers will warn you that a site's certificate is self-signed, or from an unknown Certificate Authority, but still allow you to view the site. Even if you've done this, and are able to view the site on your browser, you'll still need to install the certificate in order to log into your site using the app.

Manually install your certificate on an iOS device

To install a certificate on your iPhone, iPad or other iOS device:

  1. Access the certificate on your device (for example, download it from a location provided by your admin, or open it from an email). 
  2. The Install Profile screen will appear. Check the certificate details are correct (1) then tap Install (2). 



  3. A warning will appear. Tap Install again.
  4. The certificate will be shown as Verified on the Profiles and Device Management screen. 
  5. On your device go to Settings > General > About > Certificate Trust Settings
  6. Your new certificate will be listed. Tap to enable it (1). 
     

     
  7. You should now be able to log in to your Jira site using the Jira Server app. 

These instructions are for iOS 11. Your version may differ. See https://support.apple.com/en-au/HT204477 for more information. 

Manually install your certificate on an Android device

To install a certificate on your Android phone or tablet:

  1. Access the certificate on your device (for example, download it from a location provided by your admin, or open it from an email).
  2. When prompted, name the certificate (1). This example is for Confluence, but the steps are the same.  



  3. Follow the prompts to install the certificate (2). 
  4. You can verify that the certificate has been installed at Settings > Security > Trusted Credentials > User (1).

These instructions are for Android 7.0.  Your version, or device's implementation, might differ. See https://support.google.com/nexus/answer/2844832?hl=en for more information. 

If you're still unable to connect after installing the certificate on your device, ask your admin to check that the following extension is declared in the certificate file:

X509v3 extensions:
  X509v3 Basic Constraints:
    CA:TRUE

Other certificate problems

If you are using a certificate from a Trusted Authority, you'll need to investigate why your certificate is not trusted by the device, as there may be an issue in the certificate chain. 

The Security and SSL page in the Android developer documentation provides a more detailed explanation of the common problems encountered when verifying certificates.  You can also check the Lists of available trusted root certificates in iOS, for the list of trusted root certificates preinstalled with iOS.  

TLS protocol

If you're using HTTPS, your proxy must allow TLS 1.2 traffic. This is an iOS requirement that we've chosen to implement for both the iOS and Android apps to prevent confusion (for example where one device can log in, and another cannot).

Many proxies allow TLS 1.2 by default, but some may require you to explicitly specify it in your proxy configuration.  Alternatively, if your current configuration is from a few years ago, it may not have been updated to specify TLS 1.2. 


最終更新日 2018 年 7 月 23 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.