Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
4.8.15
-
None
-
Severity 3 - Minor
-
2
-
Description
Issue Summary
When trying to configure a non-default TrustStore file path in Fisheye using the UI (Administration -> Global Settings -> Server) or by utilizing config.xml, these changes are not taking effect as expected.
This is reproducible : yes
Steps to Reproduce
- Import a self self signed certificate of a remote service (like bitbucket) into a truststore file located in a non-default location.
- Make Fisheye use the TrustStore file by configuring its path from Administration -> Global Settings -> Server as shown below.
- Restart Fisheye for the settings to take effect.
- Try integrating the external service via applinks or some other integrations.
Expected Results
- Fisheye should use the configured Truststore to trust the external service's self signed certificate.
Actual Results
- The integration fails with "PKIX Path Building Failed" error.
Workaround
- Force the JVM to use the Truststore by configuring JVM parameter as shown below.
export FISHEYE_OPTS=-Djavax.net.ssl.trustStore=/path/to/truststore
- This problem has been documented in the KB article : Unable to create Application links due to "PKIX Path Building Failed" error when fisheye is configured with custom truststore on config.xml
Creating ticket as part of warranty bug.