Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Error message: The request was aborted: Could not create SSL/TLS secure channel
Problem
When trying to create a Relying Party Trust at your AD FS server, you receive a "The request was aborted: Could not create SSL/TLS secure channel" error message.
Solution
We have experienced this problem happening when the AD FS server and the Java connector of your Atlassian Data Center or Server product have incompatible TLS versions.
To fix this issue, check the TLS versions supported at your AD FS server and adjust accordingly at the Tomcat config file (tomcat-config/server.xml) of your Atlassian product.
Using Tomcat 8.5 config as an example (https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#SSL_Support_-_SSLHostConfig), you can enable all TLS protocols using the parameters below:
sslProtocol="TLS"
sslEnabledProtocols="all"
An example of the Java connector would be:
<!-- Define an SSL Coyote HTTP/1.1 Connector on port 8443 -->
<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="all"/>