Ignite Global Support Home Start a conversation Sign in
Start a conversation
  1. FogBugz Support
  2. FogBugz Articles
  3. Articles

Resolving SSL Handshake Error in FogBugz

Overview

The error "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" occurs when sorting by specific fields such as Milestone and Project in FogBugz. This issue is related to SSL/TLS handshake failures due to certificate authentication problems. It was identified after a new certificate was imported into the Java Keystore. The problem was resolved by updating the Host file with the IP address from the NGINX configuration.

Information

Error Message: "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated"

Cause: The error occurs when the Java process used by FogBugz/Elasticsearch cannot authenticate the SSL certificate for an external API, leading to SSL handshake failures. This typically happens if the certificate is not correctly imported into the Java Trust Store or if there is a mismatch in the certificate chain.

Resolution Steps:

  1. Verify SSL Certificate:
    • Open the external API URL in a browser to check for certificate warnings.
    • Ensure the certificate is valid and trusted.
  2. Import Certificate into Java Trust Store:
    • Export the certificate from the server hosting the external API.
    • Use the keytool command to import the certificate into the Java Trust Store.
    • Restart the FogBugz ElasticSearch service and IIS.
  3. Update Host File:
    • Add the IP address from the NGINX configuration to the Host file to ensure proper routing.
  4. Testing:
    • Verify ElasticSearch status and re-attempt sorting operations in FogBugz to confirm resolution.

Note: If the issue persists, ensure the certificate chain is complete and matches the one presented by the external service.

Frequently Asked Questions

How do I know if this error applies to my situation?
You'll see the error "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" when attempting to sort by specific fields in FogBugz, indicating an SSL handshake failure.
What should I do if importing the certificate doesn't resolve the issue?
Ensure the certificate chain is complete and correctly imported into the Java Trust Store. Verify the certificate matches the one presented by the external service.
How can I verify the SSL certificate of an external service?
Open the service URL in a browser and check for any certificate warnings. Use tools like SSL Labs’ SSL Test to analyze the certificate chain.
What if the error persists after updating the Host file?
Double-check the IP address and ensure it matches the NGINX configuration. Verify no intermediate certificates are missing in the trust store.
Choose files or drag and drop files
ai_initiated
atlas_studio
kb_automation
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments