Confluence using PostgreSQL fails to startup with "Server name validation failed: certificate for host" error

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Confluence may experience issues connecting with the PostgreSQL database if it's not properly configured. In our database setup guide, we don't explicitly mention how to configure the database with a certificate as this is detailed by the certifying authority (CA), however, it impacts the application usability so we are providing steps to resolve this specific error.

The following message is seen when accessing Confluence:

(Auto-migrated image: description temporarily unavailable)

Environment

Confluence Server and Data Center 

PostgreSQL with SSL

Diagnosis

Confluence doesn't start properly and we see an error message in the browser. To investigate the error, we analyze the atlassian-confluence.logfile, in this log, we will find database errors related to the issue:

1 2 3 4 5 6 7 8 9 2020-12-14 06:27:35,640 ERROR [Catalina-utility-1] [org.postgresql.ssl.PGjdbcHostnameVerifier] verify Server name validation failed: certificate for host confluence.wiki.com dNSName entries subjectAltName, but none of them match. Assuming server name validation failed 2020-12-14 06:27:36,041 ERROR [Catalina-utility-1] [confluence.impl.health.DefaultHealthCheckRunner] logEvent Database connection failed 2020-12-14 06:27:36,043 ERROR [Catalina-utility-1] [confluence.impl.health.DefaultHealthCheckRunner] logEvent Confluence failed to establish a connection to your database. This could be because: - Your database isn't running - The configuration of your confluence.cfg.xml file is incorrect (user, password, or database URL etc.) - There is a network issue between Confluence and your database (e.g. firewall, database doesn't allow remote access etc.) There are several other solutions you can try, review our documentation and see what works for you.

The error above indicates that the certificate used in PostgreSQL does not include the confluence.wiki.com domain name and due to this, the application won't be able to connect to the database and will fail to startup.

Cause

The certificate used in PostgreSQL does not include the confluence.wiki.com domain name.

Solution

We recommend working with your certifying authority to generate new certificates that correspond with the domain name of your server presented in the error.

As contacting the CA may take some time and we need to start Confluence right away we can tell Confluence to ignore the server name validation error by following the steps below:

  1. Stop Confluence if it is running

  2. Edit <confluence_home>/confluence.cfg.xml file

  3. Find the line that starts with <property name="hibernate.connection.url">

  4. Append the following to the JDBC connection string:

    1 ?ssl=true&sslmode=require&sslfactory=org.postgresql.ssl.NonValidatingFactory

  5. Save the resulting file

  6. Start Confluence

This change to the JDBC connection string tells Confluence to use an SSL factory to create a connection that does not validate the domain name, which would allow us to connect to the database.

Updated on March 10, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community