Error handling trusted applications authentication attempt - OLD_CERT, Certificate too old

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

When linking Fisheye/Crucible with JIRA the following error can be seen in fisheye-debug-<DATE>.log:

1 2 3 4 2012-10-12 15:26:04,206 WARN [btpool0-53 ] com.atlassian.security.auth.trustedapps.filter.TrustedApplicationFilterAuthenticator com.atlassian.security.auth.trustedapps.filter.TrustedApplicationFilterAuthenticator-authenticate - Failed to login trusted application: jira:7571355 due to: com.atlassian.security.auth.trustedapps.CertificateTooOldException: Certificate too old. Application: jira:7571355 Certificate Created: Fri Oct 12 15:25:47 MSK 2012 Timeout: 10000 2012-10-12 15:26:04,206 WARN [btpool0-48 ] com.atlassian.security.auth.trustedapps.filter.TrustedApplicationFilterAuthenticator com.atlassian.security.auth.trustedapps.filter.TrustedApplicationFilterAuthenticator-authenticate - Failed to login trusted application: jira:7571355 due to: com.atlassian.security.auth.trustedapps.CertificateTooOldException: Certificate too old. Application: jira:7571355 Certificate Created: Fri Oct 12 15:25:47 MSK 2012 Timeout: 10000 2012-10-12 15:26:04,206 ERROR [btpool0-53 ] com.atlassian.fisheye.trustedapplications.FisheyeAuthenticationListener com.atlassian.fisheye.trustedapplications.FisheyeAuthenticationListener-authenticationError - Error handling trusted applications authentication attempt:OLD_CERT; Certificate too old. Application: {0} Certificate Created: {1} Timeout: {2}; ["jira:7571355","Fri Oct 12 15:25:47 MSK 2012","10000"] 2012-10-12 15:26:04,206 ERROR [btpool0-48 ] com.atlassian.fisheye.trustedapplications.FisheyeAuthenticationListener com.atlassian.fisheye.trustedapplications.FisheyeAuthenticationListener-authenticationError - Error handling trusted applications authentication attempt:OLD_CERT; Certificate too old. Application: {0} Certificate Created: {1} Timeout: {2}; ["jira:7571355","Fri Oct 12 15:25:47 MSK 2012","10000"]

Cause

There are three possible causes for this behavior:

  • The system clocks on the servers are not set to the same time.

  • Network latency between the server running Fisheye/Crucible and the server running JIRA.

  • The certificates have expired.

Resolution

According to the causes above there are three resolutions:

  • Synchronize both servers so that they have the same time. If the servers are in different timezones, ensure that their OS timezones are set correctly. Use a NTP time server if the clocks are going out of sync very often.

  • Check the network latency. If network latency cannot be be addressed, increase the certificate timeout value in the application link (e.g. from 10000 to 60000).

  • Create or obtain another certificate and configure it in JIRA. This new certificate must be imported into the Fisheye/Crucible keystore (e.g. /lib/security/cacerts file).

Updated on April 8, 2025
Platform
Data Center only
Product
Fisheye Data Center
On this pageSymptomsCauseResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community