Jira Server Extension: 'SSL certificate verification failed' when connecting to Jira

jira

#1

I’m following the guide here: https://www.pagerduty.com/docs/guides/jira-server-extension-guide/
I’ve installed the plugin, and the PagerDuty user has been automatically created.

When I get to the step ‘Add the URL of your JIRA server and click Connect JIRA Server,’
the error message when I click ‘Connect’ is: ‘SSL certificate verification failed’

Other observations:
If I specify the root domain without the /jira path, or with a path that doesn’t redirect to jira, I get the same error.
If I specify a different domain, such as https://google.com, I get no error or ‘Unexpected response from JIRA. Make sure that URL is correct!’

This suggests that the issue may be related to the LetsEncrypt cert?


(Simon Fiddaman) #2

Does your JIRA server present the intermediate certificates (e.g. from https://letsencrypt.org/certificates/)?

I mean, it should work, but the number of times you see that as the answer… maybe there’s some truth to it.

Either that or the Let’s Encrypt CA isn’t trusted by PagerDuty - maybe try https://letsencrypt.org/how-it-works/ and see if that gets an SSL error, too?

You could also pull a random site from https://crt.sh/?Identity=%&iCAID=16418 which is the recent history of Let’s Encrypt X3 certificate issuances. This also depends on whether or not they’ve provided the intermediate certificates in their response (assuming that’s the issue).

Hope that helps,
@simonfiddaman


#4

Thanks @simonfiddaman.

Good thinking: https://letsencrypt.org/how-it-works/: Unexpected response from JIRA. Make sure that URL is correct!

Does your JIRA server present the intermediate certificates

It appears that it doesn’t. This is probably the issue (letsencrypt.org presents theirs).


#5

That was exactly the problem, the server wasn’t presenting the intermediate certificate. Everything works now.

Thanks again, @simonfiddaman!


(Jonathan Curry) #6

This topic was automatically closed after 19 hours. New replies are no longer allowed.