-
Bug
-
Resolution: Low Engagement
-
Low
-
None
-
4.3
-
2
-
Severity 3 - Minor
-
0
-
When connecting to an Active Directory over SSL using a certificate issued by an Windows Certificate Authority, Confluence fails to verify the hostname.
In Confluence logs, the following error is shown:
2012-09-28 12:30:25,300 ERROR [scheduler_Worker-2] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 73039875 ]. com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]] at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllUsers(UsnChangedCacheRefresher.java:268) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:83) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:225 ...
The workaround purposed in CONF-26049 is also valid in this case:
Backup Confluence database beforehand for safety purpose
- Run the following SQL query:
UPDATE cwd_directory_attribute SET attribute_value='false' WHERE attribute_name='ldap.secure' AND directory_id = <desired_directory_ID>;
- Restart Confluence
Note: The above option will always reverted to its default ('true') whenever you edit the user directory settings. Therefore, you'll need to run that query every time you do any changes on the user directory settings.
- relates to
-
CONFSERVER-26049 Add an option in User Directory settings to make an SSL LDAP connection but without verifying that the hostname and certificate match
- Closed
- mentioned in
-
Page Failed to load
Hi,
At Atlassian, our goal is to ensure we’re providing the best experience for our customers. With our new Data Center strategy, Atlassian's focus is on security, compliance, and performance and is a key driver in prioritizing bugs. Closing the bugs that do not fall into those categories will allow us to focus on the ones in the most current versions of our products.
This bug is being closed due to a lack of engagement in the last four years, including no new watchers, votes, or comments; this inactivity suggests a low impact.
Please note the comments on this thread are not being monitored.
You can read more about our bug fix policy here and how we prioritize bugs.
To learn more about our recent investments in Confluence Data Center, please check our public roadmap and dashboards containing recently resolved issues, current work, and future plans.
Kind regards,
Confluence Data Center