Error authenticating with JIRA/Bitbucket due to some HANDSHAKE-Failure
Issue #221
resolved
OS: Windows 7;
VS-Code: 1.38.1;
Jira and Bitbucket (Official): 2.0.4
Hello everybody,
first of all, many thanks to the whole Atlassian’s team for making such a cool and useful extension compatible with internal server-based Jira und Bitbucket!!!
Unfortunately, I am currently failing to connect to our internal JIRA/Bitbucket-Services (for example “https://ews.corp.com/jira” and “https://ews.corp.com/stash”) with the error messages depicted on the pictures attached to the current issue.
Since we use a secure HTTP, I also set the following properties:
"atlascode.enableCustomSSLCerts": true,
"atlascode.customSSLCertPaths": "D:\\PATH\\user-cert.pem",
However, it does not seem to have any positive effect:(
Could you please help?
Thank you in advance!!!
Comments (8)
-
Account Deactivated
-
reporter
@{557057:3695b794-cde3-43a2-99aa-c0fc6151b754} Sorry for the late response, since I have a lack of experience with certificates, I was trying to get an answer from my colleagues (which, as it turned out, also have not so much experience with it).
However, most of them are sure that we use a client-side Mutual TLS certificate.
Thank you in advance!!!
-
Account Deactivated
@Gleb Savateev Good News! We’re working on mTLS support and it should be out soon. We have created a version to test with if you’d like to try it out but you’ll need to manually install it from the “Install from visix” option in the extension panel menu.
https://bitbucket.org/atlassianlabs/atlascode/downloads/atlascode-2.0.5-mtls.vsix
Let me know how it goes.
-
Account Deactivated
@Gleb Savateev I realized based on your eariler comments you may need a bit more info. Essentially, mTLS is a way for the client and server to exchange certificates to verify each other. To do this, our extension allows you to provide a PKCS
#12(pfx) file that it can use to do this exchange.This means you’ll need to get a hold of the certificate(s) your company uses and generate a pfx file.
Here are a few resources I’ve found that may help. (I just googled these so I’m not sure how good they are)
https://gist.github.com/mtigas/952344
https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/
https://www.sslshopper.com/ssl-converter.html
Hope this helps!
-
Account Deactivated
FYI, we’ve just released version 2.1.0 which includes these features. No need to manually install the above vsix.
-
reporter
@{557057:3695b794-cde3-43a2-99aa-c0fc6151b754} Hello Jonathan! Thank you very much for opening the gate of the world which is a much better place for software developers as those one without your extension!!!
It works, I could login with ease
! That’s awesome without the end!!! Thank you very much!!!Regards
Gleb
PS: For those who need to create a PFX-Certificate, here is the necessary openssl commando:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt -
reporter
- changed status to resolved
-
Account Deactivated
@Gleb Savateev Awesome! And thanks for the kind words. I’m so glad we finally got it working for you, and thanks for posting the openssl tip!
- Log in to comment
@Gleb Savateev When you say secure http, do you know if you use a server-side self-signed cert or client-side Mutual TLS ?