Platform notice: Server and Data Center only.
This article only applies to Atlassian products on the
Server and Data Center platforms
.
Support for Server* products
ended on February 15th 2024
. If you are running a Server product, you can visit the
Atlassian Server end of support
announcement to review your migration options.
*Except Fisheye and Crucible
Problem
Fisheye/Crucible fails to connect to the external directory for user authentication, and the following appears in the
atlassian-fisheye-<date>.log
2015-12-21 11:00:00,000 ERROR - Could not retrieve the authentication token
com.cenqua.fisheye.user.AuthenticationException: Problem communicating with Crowd
(...)
Caused by: com.atlassian.crowd.exception.OperationFailedException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
(...)
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Mon Dec 21 09:00:00 EST 2015
Cause
The certificate used by the external user directory is expired.
Resolution
- Generate a new certificate for your external directory and configure it accordingly. You may use the following documents as a reference for the SSL configuration in Crowd and JIRA, respectively:
- Configuring Crowd to Work with SSL
- Running JIRA over SSL or HTTPS
- Import the new certificate into Fisheye/Crucible truststore, so it will trust the new cert and will be able to connect to the external user directory.
- Restart Fisheye/Crucible, then try connecting to the external user directory.
