Restoring the Confluence Trusted Applications Keystore
Problem
Sometimes after migrating Confluence instances between servers the Confluence Trusted Applications Keystore does not work any longer.
This will result in exports with Scroll Exporters crashing with errors like this in the log:
java.lang.IllegalStateException: Can't create http method with trusted authentication token.
at com.k15t.scroll.confluence.io.HttpMethodWrapper.makeTrustedMethod(HttpMethodWrapper.java:89)
at com.k15t.scroll.confluence.io.HttpMethodWrapper.toHttpMethod(HttpMethodWrapper.java:49)
at com.k15t.scroll.confluence.io.HttpClientResource.getContentAsStream(HttpClientResource.java:47)
...<a lot more lines here>...
Caused by: java.lang.NullPointerException
at java.security.MessageDigest.update(Unknown Source)
at java.security.MessageDigest.digest(Unknown Source)
at org.apache.commons.codec.digest.DigestUtils.md5(DigestUtils.java:165)
at org.apache.commons.codec.digest.DigestUtils.md5(DigestUtils.java:190)
at com.atlassian.confluence.security.trust.DefaultCurrentApplicationIdProvider.getAliasForSid(DefaultCurrentApplicationIdProvider.java:41)
at com.atlassian.confluence.security.trust.DefaultCurrentApplicationIdProvider.getCurrentApplicationId(DefaultCurrentApplicationIdProvider.java:35)
at com.atlassian.confluence.security.trust.DefaultTrustedApplicationsManager.getCurrentApplication(DefaultTrustedApplicationsManager.java:133)
at com.atlassian.confluence.security.trust.DefaultTrustedApplicationsManager.getToken(DefaultTrustedApplicationsManager.java:76)
...<a lot more lines here>...
Environment
- All Scroll Exporters
- All versions
Resolution
The Confluence Trusted Applications Keystore is used in Confluence to use secure connections to other applications. Our Exporter do use this keystore to load images.
To fix this problem you will need to restore the Confluence Trusted Applications Keystore. This can be done by placing a JSP file from this page into you Confluence installation and accessing a page in the administration.
To restore the Confluence Trusted Applications Keystore in Confluence 5.3 and above:
- Visit https://jira.atlassian.com/browse/CONFSERVER-11074 and download the correct initKeyStore.jsp file depending on your Confluence instance
- Place the downloaded initKeyStore.jsp file into
<confluence_install_dir>/confluence/admin
- Restart Confluence
- In your web browser open
http://<your_confluence_base_url>/admin/initKeyStore.jsp
- Click 'Proceed'.
- (optional) Remove the JSP file from
<confluence_install_dir>/confluence/admin
- (optional) Restart Confluence
Verification
To check if the keystore was restored properly:
Open
http://<your_confluence_base_url>/admin/appTrustCertificate
in your browser.
If the keystore has been restored successfully you should see something like this:CODEconfluence:2687930 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlClFe74RCmSet6Mkw1xKbZ/8yWiYqbv0ifYUQcWz6brDm6wc3H+woup5k66nbQigfaBwnA1PlEBDp2pUAm/NcjT9jIsaOjUK+bL51RH+4kQVYEVEO8ImGLz9y/cGkTRSWacoj5nlRi8fJ8GcsNiuBRHAPjzWB397+SomyYJlAWQzH6TxQPAUOvISqNTK7DjNHThPy7WbIx/OV4rxv1VM/JjGmw51/JmywBUobc+g5xD2eym6cZg+C+DYeN4IW9cChG0nmG42FqcJdzTmegJxUKmJquXxE+LhnEYEZuoW9srdHp4HyuM+x68oYxOYKcT7aNg1zwjga88+PrLS/Rm+awIDAQAB 1 -1152983122
Cause
The Confluence Trusted Applications Keystore sometimes doesn't work any longer after migrating Confluence.