Just In case anyone run into this problem:

1. Create you trust store with your certificate

keytool -import -trustcacerts -alias bitbucketCert -file your_certificate_file -keystore path_to_your_truststore.jks -storepass changeit

2. use this trust store

put this in your .zshrc or bashrc, just make sure this ACLI_JAVA_OPTS variable is picked up

export ACLI_JAVA_OPTS='-Djavax.net.ssl.trustStore=path_to_your_truststore.jks -Djavax.net.ssl.trustStorePassword=changeit'

If you still have problems, turn on the debug and inspect the log files inside acli dir.

Hi Greg,

I am not 100% sure if this is also valid for your version of acli, but we managed to use our JRE in order to only have to use one place.

We therefore created a file to start the acli, which has the following content:

#!/bin/bash

settings="-Dfile.encoding=UTF-8"
cliJar=/opt/acli/lib/acli.jar
JRE_HOME=/opt/openjdk11
propertyFile=/opt/acli/acli.properties


$JRE_HOME/bin/java $settings -DACLI_CONFIG="${propertyFile}" -jar "${cliJar}" "${@:1}"

 As this is for Linux, Windows might vary slightly.

However, the key point here is that you run the acli.jar using the JRE of your choice. That allows you to reuse all the certificates that have been loaded into that JRE as well.

The "${@:1}" at the end is just passing the command parameters from calling the file into the resulting command as well.

Hope this helps :)