Problem

Sometimes after migrating Confluence instances between servers the Confluence Trusted Applications Keystore does not work any longer.

This will result in exports with Scroll Exporters crashing with errors like this in the log:

java.lang.IllegalStateException: Can't create http method with trusted authentication token.
        at com.k15t.scroll.confluence.io.HttpMethodWrapper.makeTrustedMethod(HttpMethodWrapper.java:89)
        at com.k15t.scroll.confluence.io.HttpMethodWrapper.toHttpMethod(HttpMethodWrapper.java:49)
        at com.k15t.scroll.confluence.io.HttpClientResource.getContentAsStream(HttpClientResource.java:47)
...<a lot more lines here>...
Caused by: java.lang.NullPointerException
        at java.security.MessageDigest.update(Unknown Source)
        at java.security.MessageDigest.digest(Unknown Source)
        at org.apache.commons.codec.digest.DigestUtils.md5(DigestUtils.java:165)
        at org.apache.commons.codec.digest.DigestUtils.md5(DigestUtils.java:190)
        at com.atlassian.confluence.security.trust.DefaultCurrentApplicationIdProvider.getAliasForSid(DefaultCurrentApplicationIdProvider.java:41)
        at com.atlassian.confluence.security.trust.DefaultCurrentApplicationIdProvider.getCurrentApplicationId(DefaultCurrentApplicationIdProvider.java:35)
        at com.atlassian.confluence.security.trust.DefaultTrustedApplicationsManager.getCurrentApplication(DefaultTrustedApplicationsManager.java:133)
        at com.atlassian.confluence.security.trust.DefaultTrustedApplicationsManager.getToken(DefaultTrustedApplicationsManager.java:76)
...<a lot more lines here>...
CODE

Environment

  • All Scroll Exporters
  • All versions

Resolution

The Confluence Trusted Applications Keystore is used in Confluence to use secure connections to other applications. Our Exporter do use this keystore to load images.

To fix this problem you will need to restore the Confluence Trusted Applications Keystore. This can be done by placing a JSP file from this page into you Confluence installation and accessing a page in the administration.

To restore the Confluence Trusted Applications Keystore in Confluence 5.3 and above:

  1. Visit https://jira.atlassian.com/browse/CONFSERVER-11074 and download the correct initKeyStore.jsp file depending on your Confluence instance
  2. Place the downloaded initKeyStore.jsp file into <confluence_install_dir>/confluence/admin
  3. Restart Confluence
  4. In your web browser open http://<your_confluence_base_url>/admin/initKeyStore.jsp
  5. Click 'Proceed'.
  6. (optional) Remove the JSP file from <confluence_install_dir>/confluence/admin
  7. (optional) Restart Confluence

Verification

To check if the keystore was restored properly:

  • Open http://<your_confluence_base_url>/admin/appTrustCertificate in your browser.
    If the keystore has been restored successfully you should see something like this:

    confluence:2687930
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlClFe74RCmSet6Mkw1xKbZ/8yWiYqbv0ifYUQcWz6brDm6wc3H+woup5k66nbQigfaBwnA1PlEBDp2pUAm/NcjT9jIsaOjUK+bL51RH+4kQVYEVEO8ImGLz9y/cGkTRSWacoj5nlRi8fJ8GcsNiuBRHAPjzWB397+SomyYJlAWQzH6TxQPAUOvISqNTK7DjNHThPy7WbIx/OV4rxv1VM/JjGmw51/JmywBUobc+g5xD2eym6cZg+C+DYeN4IW9cChG0nmG42FqcJdzTmegJxUKmJquXxE+LhnEYEZuoW9srdHp4HyuM+x68oYxOYKcT7aNg1zwjga88+PrLS/Rm+awIDAQAB
1
-1152983122
    CODE

Cause

The Confluence Trusted Applications Keystore sometimes doesn't work any longer after migrating Confluence.