com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]]

Atlassian JIRA | Alejandro Conde Carrillo | 4 years ago
  1. 0

    When connecting to an Active Directory over SSL using a certificate issued by an Windows Certificate Authority, Confluence fails to verify the hostname. In Confluence logs, the following error is shown: {noformat} 2012-09-28 12:30:25,300 ERROR [scheduler_Worker-2] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 73039875 ]. com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]] at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllUsers(UsnChangedCacheRefresher.java:268) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:83) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:225 ... {noformat} The workaround purposed in CONF-26049 is also valid in this case: (!) Backup Confluence database beforehand for safety purpose # Run the following SQL query: {code} UPDATE cwd_directory_attribute SET attribute_value='false' WHERE attribute_name='ldap.secure' AND directory_id = <desired_directory_ID>; {code} # Restart Confluence (i) *Note*: The above option will always reverted to its default ('true') whenever you edit the user directory settings. Therefore, you'll need to run that query every time you do any changes on the user directory settings.

    Atlassian JIRA | 4 years ago | Alex Conde [Atlassian]
    com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]]
  2. 0

    When connecting to an Active Directory over SSL using a certificate issued by an Windows Certificate Authority, Confluence fails to verify the hostname. In Confluence logs, the following error is shown: {noformat} 2012-09-28 12:30:25,300 ERROR [scheduler_Worker-2] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 73039875 ]. com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]] at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllUsers(UsnChangedCacheRefresher.java:268) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:83) at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAll(UsnChangedCacheRefresher.java:225 ... {noformat} The workaround purposed in CONF-26049 is also valid in this case: (!) Backup Confluence database beforehand for safety purpose # Run the following SQL query: {code} UPDATE cwd_directory_attribute SET attribute_value='false' WHERE attribute_name='ldap.secure' AND directory_id = <desired_directory_ID>; {code} # Restart Confluence (i) *Note*: The above option will always reverted to its default ('true') whenever you edit the user directory settings. Therefore, you'll need to run that query every time you do any changes on the user directory settings.

    Atlassian JIRA | 4 years ago | Alejandro Conde Carrillo
    com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]]
  3. 0

    [JRA-23955] BaseDN without an OU does not work when setting up a directory in JIRA - Atlassian JIRA

    atlassian.com | 1 year ago
    com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: mycompany.com:389 [Root exception is java.net.UnknownHostException: mycompany.com]]
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    [JRA-23955] BaseDN without an OU does not work when setting up a directory in JIRA - Atlassian JIRA

    atlassian.com | 8 months ago
    com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: mycompany.com:389 [Root exception is java.net.UnknownHostException: mycompany.com]]
  6. 0

    There has been quite a few support cases that has reported sync'ing problems, resulting in this error: {code} 2012-01-17 13:18:48,791 ERROR [QuartzScheduler_Worker-9] [atlassian.crowd.directory.DbCachingDirectoryPoller] pollChanges Error occurred while refreshing the cache for directory [ 10000 ]. com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.InvalidSearchFilterException: Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException: Empty filter; remaining name 'DC=pirates,DC=oceans,DC=com' at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllGroups(UsnChangedCacheRefresher.java:284) at com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:41) {code} This is interpreted as a filter field being empty, but checking but User and Group Object filters, they are both populated. It was finally found that this was the problem: {code}ldap.roles.disabled: "false"{code} Roles have been deprecated for years in Crowd, but it had been ported into JIRA/Confluence via embedded Crowd. Still the code is there and is simply set to be disabled via the directory attribute, as mentioned above. I'm not sure how this can be enabled, there support has receive a number of tickets relating to this. For now, I've written this article for the issue: http://confluence.atlassian.com/display/JIRAKB/InvalidSearchFilterException%3A+Empty+filter+when+Synchronising+LDAP

    Atlassian JIRA | 5 years ago | David Chan [Atlassian]
    com.atlassian.crowd.exception.OperationFailedException: java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.InvalidSearchFilterException: Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException: Empty filter; remaining name 'DC=pirates,DC=oceans,DC=com'

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. com.atlassian.crowd.exception.OperationFailedException

      java.util.concurrent.ExecutionException: com.atlassian.crowd.exception.OperationFailedException: org.springframework.ldap.PartialResultException: nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: office.devexperts.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching example.domain.com found.]]

      at com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllUsers()
    2. com.atlassian.crowd
      AbstractCacheRefresher.synchroniseAll
      1. com.atlassian.crowd.directory.ldap.cache.UsnChangedCacheRefresher.synchroniseAllUsers(UsnChangedCacheRefresher.java:268)
      2. com.atlassian.crowd.directory.ldap.cache.AbstractCacheRefresher.synchroniseAll(AbstractCacheRefresher.java:83)
      2 frames