Basically I’ve solved this issue quite a while ago. Unfortunately I did not wrote any kind of documentation. That’s why I run again into SSLHandshakeException with my Eclipse installation on my new MacBook Pro, when trying to access our JIRA environment. As it now hopefully take a while until I buy again a new MacBook Pro, I thought it’s time to write a short note. 🙂
Cause
Our JIRA server is configured using a self signed certificate. The certificate is not part of the JVM certificate keystore.
Solution
The solution is simple, just add the certificate to the keystore. But which one? The eclipse installation details will help to identify the right JVM and keystore.
- Checkout the eclipse installation and configuration details in Eclipse > About Eclipse > Installation Details Somewhere there you find the java.home used by eclipse.
- Get the Certificat of your JIRA Web server. On Mac OS I’ve used Firefox to store the X.509 Certificate as PEM
- Set the JAVA HOME
- Load the certificate to the keystone using key tool
- Restarte Eclipse and start to configure your JIRA Repository
On my Mac OS X Mavericks I have to use the following JAVA_HOME. Password for the keystone is by the way changeit.
export JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.7.0_45.jdk/Contents/Home/jre sudo keytool -import -alias tvdvaps -file certificate.pem -keystore $JAVA_HOME/lib/security/cacerts
The full description can be found in FAQ JiraBuddy Eclipse Plugin for JIRA
After upgrading to Java 1.8 I’ve run again into the same issue. The solution is the same as described above. 🙂