Unable to connect to database with SSL enabled during Jira setup

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Server と Data Center のみ - この記事は、サーバーおよびデータセンター プラットフォームのアトラシアン製品にのみ適用されます。

問題

In Jira, when testing the database connection to PostgreSQL with SSL enabled, you may receive an error message:


The following appears in the catalina.log:

2018-05-27 15:25:48,747 http-nio-8080-exec-1 ERROR anonymous 925x38x1 92lmp6 10.53.222.101 /secure/SetupDatabase!connectionCheck.jspa [c.a.config.bootstrap.DefaultAtlassianBootstrapManager] Could not successfully test your database: 
org.postgresql.util.PSQLException: Something unusual has occurred to cause the driver to fail. Please report this exception.
	at org.postgresql.Driver.connect(Driver.java:275)
	at java.sql.DriverManager.getConnection(DriverManager.java:664)
	at java.sql.DriverManager.getConnection(DriverManager.java:247)
	at com.atlassian.config.bootstrap.DefaultAtlassianBootstrapManager.getTestDatabaseConnection(DefaultAtlassianBootstrapManager.java:347)
	at com.atlassian.jira.config.database.JdbcDatasource.getConnection(JdbcDatasource.java:211)
	at com.atlassian.jira.config.database.DatabaseConfig.testConnection(DatabaseConfig.java:87)
	at com.atlassian.jira.web.action.setup.SetupDatabase.testConnection(SetupDatabase.java:225)
	at com.atlassian.jira.web.action.setup.SetupDatabase.doValidation(SetupDatabase.java:189)
	at com.atlassian.jira.web.action.setup.SetupDatabase.doConnectionCheck(SetupDatabase.java:121)
	... 3 filtered
	at java.lang.reflect.Method.invoke(Method.java:498)
	at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:70)
	at webwork.util.InjectionUtils.invoke(InjectionUtils.java:56)
	... 2 filtered
	at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:63)
	... 7 filtered
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
	... 49 filtered
	at com.atlassian.jira.security.JiraSecurityFilter.lambda$doFilter$2(JiraSecurityFilter.java:78)
	... 1 filtered
	at com.atlassian.jira.security.JiraSecurityFilter.doFilter(JiraSecurityFilter.java:76)
	... 28 filtered
	at com.atlassian.jira.servermetrics.CorrelationIdPopulatorFilter.doFilter(CorrelationIdPopulatorFilter.java:30)
	... 27 filtered
	at com.atlassian.jira.servermetrics.MetricsCollectorFilter.doFilter(MetricsCollectorFilter.java:25)
	... 26 filtered
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
	at org.apache.log4j.CategoryKey.<init>(CategoryKey.java:32)
	at org.apache.log4j.Hierarchy.getLogger(Hierarchy.java:266)
	at org.apache.log4j.Hierarchy.getLogger(Hierarchy.java:247)
	at org.apache.log4j.LogManager.getLogger(LogManager.java:228)
	at org.apache.log4j.Logger.getLogger(Logger.java:104)
	at java.util.logging.Logger.log(Logger.java:738)
	at org.postgresql.core.v3.ConnectionFactoryImpl.log(ConnectionFactoryImpl.java:317)
	at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:261)
	at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
	at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:195)
	at org.postgresql.Driver.makeConnection(Driver.java:452)
	at org.postgresql.Driver.connect(Driver.java:254)
	... 164 more

原因

It is currently not possible to force the SSL connection to the database from the Jira Web UI. This is being tracked in the following feature request:  JRASERVER-67403 - Getting issue details... STATUS

ソリューション

You will need to manually edit the dbconfig.xml to force the SSL connection.

  • Jira を停止します。
  • Edit the dbconfig.xml (located at the jira-home directory) as follows:
    For JIRA 7.13 / postgreSQL driver below version 42.2.5: Add the following parameter to the JDBC URL parameter: ssl=true
    For JIRA 8.5 / postgreSQL driver above version 42.2.5: Add the following parameter to the JDBC URL parameter: sslmode=require
  • Start Jira

Sample of JDBC URL

JIRA 7.13 / postgreSQL driver below version 42.2.5:

<url>jdbc:postgresql://DB-Server:5432/jiradb?ssl=true</url>


For JIRA 8.5 / postgreSQL driver above version 42.2.5:

<url>jdbc:postgresql://DB-Server:5432/jiradb?sslmode=require</url>

depending on the setup the following URLs may need to be used:

<url>jdbc:postgresql://DB-Server:5432/jiradb?sslmode=prefer</url>
<url>jdbc:postgresql://DB-Server:5432/jiradb?sslmode=allow</url>



*Note that the "?" demarcates the end of the database name and the beginning of the database connection parameters. If you already have connection parameters, you will add a ";ssl=true" instead of "?ssl=true".

*Note for a full explanation of the sslmode and the different options for it, see Postgres SQL Documentation Configuring the Client

In case the dbconfig.xml file is not yet present, you can create this file via Startup check: Creating and editing the dbconfig.xml file


dbconfig.xml

Sample of the dbconfig.xml for PostgreSQL database:

<jira-database-config>
  <name>defaultDS</name>
  <delegator-name>default</delegator-name>
  <database-type>postgres72</database-type>
  <schema-name>public</schema-name>
  <jdbc-datasource>
    <url>jdbc:postgresql://DB-Server:5432/jiradb?ssl=true</url>
    <driver-class>org.postgresql.Driver</driver-class>
    <username>dbuser</username>
    <password>password</password>
    <pool-min-size>20</pool-min-size>
    <pool-max-size>20</pool-max-size>
    <pool-max-wait>30000</pool-max-wait>
    <pool-max-idle>20</pool-max-idle>
    <pool-remove-abandoned>true</pool-remove-abandoned>
    <pool-remove-abandoned-timeout>300</pool-remove-abandoned-timeout>

    <validation-query>select version();</validation-query>
    <min-evictable-idle-time-millis>60000</min-evictable-idle-time-millis>
    <time-between-eviction-runs-millis>300000</time-between-eviction-runs-millis>

    <pool-test-on-borrow>false</pool-test-on-borrow>
    <pool-test-while-idle>true</pool-test-while-idle>

  </jdbc-datasource>
</jira-database-config>


(info) In some cases, force the SSL connection to the database could lead to Collation not being detected. This is being tracked in this bug report:  JRASERVER-46026 - Getting issue details... STATUS


最終更新日 2021 年 8 月 23 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.