Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-19615

Bitbucket won't start on Bitbucket 9.x, when using MSSQL Server without an SSL connection

XMLWordPrintable

      Issue Summary

      When upgrading Bitbucket 9.x, the application doesn't start when using Microsoft SQL Server without an SSL connection.

      This error doesn't happen when using PostgreSQL or Oracle.

      This is reproducible on Data Center: Yes

      Steps to Reproduce

      1. Install a Bitbucket and connect with the MSSQL Server (any version) without encrypting the DB connection.
      2. Upgrade Bitbucket from any version to 9.x.
      3. You will see an error in the log:
        2024-09-10 20:15:49,444 WARN  [spring-startup]  o.s.w.c.s.XmlWebApplicationContext Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'licenseValidator' defined in class path resource [critical-context.xml]: Invocation of init method failed; nested exception is org.springframework.dao.DataAccessResourceFailureException: Unable to retrieve license details from the database: ; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:979ab700-f6da-4fbb-a0dc-c826ddbc257a
        
      4. And the following error in the UI:

      Expected Results

      The application should start automatically using the JDBC URL used in the previous versions.

      Actual Results

      The below exception is thrown in the atlassian-bitbucket.log file:

      2024-09-10 20:15:49,444 WARN  [spring-startup]  o.s.w.c.s.XmlWebApplicationContext Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'licenseValidator' defined in class path resource [critical-context.xml]: Invocation of init method failed; nested exception is org.springframework.dao.DataAccessResourceFailureException: Unable to retrieve license details from the database: ; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: "encrypt" property is set to "true" and "trustServerCertificate" property is set to "false" but the driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption: Error: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ClientConnectionId:979ab700-f6da-4fbb-a0dc-c826ddbc257a
      2024-09-10 20:15:49,444 INFO  [spring-startup]  c.a.s.internal.home.HomeLockAcquirer Releasing lock on /var/atlassian/application-data/bitbucket
      2024-09-10 20:15:49,446 ERROR [spring-startup]  c.a.j.s.w.s.JohnsonDispatcherServlet SpringMVC dispatcher [springMvc] could not be started
      

      The error occurs because the application is setting the property "encrypt=true" by default. If the database doesn't have an SSL connection, this will throw an error and prevent the application from starting.

      Workaround

      Since the "encrypt=true" is causing the error, we need to add the following property at the end of the JDBC URL in your Bitbucket properties:

      encrypt=false;
      

      JDBC URL example:

      jdbc.url=jdbc:sqlserver://<DB_URL>:1433;databaseName=<DATABASE>;encrypt=false;
      

              e74118b4e28d David Jansons
              9c941f86b120 Pablo Silva
              Votes:
              2 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: