Troubleshooting Connection Failure
Failure to connect to the JIRA https source results in the same generic error as a non-SSL connection failure:
Unable to connect to server:
Unable to open connection to JIRA. Please make sure Java (JRE/JDK)
is installed and the JIRA server URL, username and password are correct.
First, verify that you can connect to the https URL in your browser.
Next, use the attached test program to connect to your secure JIRA URL. Save and run this program from the same environment and directory that the P4DTG replication process runs from.
This sample program opens a connection, just like the P4DTG JIRA plug-in, and prints the information retrieved from that URL.
An example with a successful result:
Should you need to pass any additional properties to this java program, such as the keystore location and password, you also then need to give these properties to the JIRA plug-in. This is done by editing your JIRA Defect Tracking Source, "Edit attributes..." button. A sample is shown below.
$ java -jar urltester.jar https://jirahost/rpc/soap/jirasoapservice-v2
<p>Hi there, this is an AXIS service!</p>
<i>Perhaps there will be a form for invoking the service here...</i>
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present
This typically means the host name in your https URL does not match the host name in the Certificate. For your URL, use the same host name as present in the JIRA web server's Certificate.
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
Double check your javax.net.ssl.trustStore and javax.net.ssl.keyStore values.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The JIRA web server's certificate is not trusted. Import the certificate into your store.
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
Caused by: java.io.EOFException: SSL peer shut down incorrectly
This can also be caused by an untrusted server certificate. Import the certificate into your store.
Common Certificate Related Java Properties
If you use a certificate that is not from a trusted Certificate Authority, you will need to import that certificate into your java installations default store or create another store with the certificate. You can point to the alternate store using these properties:
Specifying Addtional Connection Properties
Specifying the properties such as keyStore and trustStore is done by editing your JIRA Defect Tracking Source, "Edit attributes..." button, then add your properties to the
attribute. Individual java options should be space delimited with properties preceeded with "-D". For example, "-Djavax.net.ssl.keyStorePassword=changeme"
Example of Setting Alternate Java Options