Problem with JIRA reporter in the internal corporate network

[ghost]

What ?
At the attempt to connect JIRA and reporting security bugs - an error message appears:

SSL_connect returned=1 errno=0 state=error: certificate verify failed
JIRA is started in the enterprise network, and the certificate is signed through internal corporate CA.
RootCA + InterCA was added to the docker container, but still "certificate verify failed".

I checked on JIRA Cloud - everything is works correctly.

In the certificate:
CN (commonName) = jira.company.com, but SAN (DNS Name) = *. company.com

Perhaps it is a problem?

[omerlh]

Can you run something like curl https://jira.company.com inside the docker image?

[ghost]

@omerlh
JIRA works behind the TLS terminator.
If I using wget to testing connection inside in the docker container, TLS terminator reponds correctly.

Maybe, doesn't work because
connection is via TLS Terminator rather than directly for the JIRA service ?

[omerlh]

So you're saying that if you access it with wget it works? can you share the command please?

[ghost]

I apologize for the late reply.
But I have a question, does GLUE use jira-ruby (glue / lib / glue / reporters / jira_reporter.rb) as a task reporter for jira?
Does Jira-ruby correctly verify wildcard certificates?
I suspect Jira-ruby incorrectly verifies wildcard certificates and there is a problem reporting to JIRA.

[omerlh]

I honestly don't know - maybe raise an issue on Jira-ruby repository?

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.