Hi, I have set the keystore for Bamboo Server in ${INSTALL}/conf/server.xml  (along with non-default password) with a certificate that expires well into the future.  However, I am finding that the automatic certificate management that Bamboo uses for the ActiveMQ broker (${HOME}/xml-data/configuration/broker.ks) only creates a certificate that is valid for 3 months. I would like to use the same certificate for both so that I don't have to keep deleting the file so that Bamboo can create a new certificate for the broker.  I have tried the various SSL_OPTS=..., including following https://confluence.atlassian.com/bamboo/securing-your-remote-agents-289277197.html  - Special considerations/troubleshooting.  I find that no matter what, if I add -Dbamboo.manage.jms.ssl=false to either JAVA_TOOL_OPTIONS or as a parameter to start-bamboo.sh, the broker will continue to use the default file.  

I also can't find what the password is for the default broker.ks file, so I don't know if symlinking it to the server keystore will break everything, or perhaps creating my own broker.ks file there.  I tried both 'password' and 'changeit' and those were not the passwords.  

Does ActiveMQ look for a certificate alias of 'jmsbrokerkey'???

It is very annoying that the certificate expires every 3 months, meaning our regular network scans will flag our server as non-compliant.