I need to load a certificate onto the Java used by ALCI to allow communication to my Confluence Data center instance.
I assumed ALCI was using the JAVA_HOME of the linux server I am hosting it on but when I check the config I see it is using:
Java name . . . . . . . . . . : Substrate VM
Java version . . . . . . . . : 17.0.10
I found this documentation
https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/89129234/Resolving+PKIX+Error+when+Connecting+to+Jira+and+Confluence
Not specific to my issue but I did try adding :
export ACLI_JAVA_OPTS="-Djavax.net.ssl.trustStore=$JAVA_HOME/lib/security/cacerts"
to bashsrc, acli.properties, acli-service.properties. This did not work.
I either need to point ACLI to use the server JAVA_HOME or load the cert onto this Java 17 that I cannot find.
Any guidance would be appreciated.
Thanks
Just In case anyone run into this problem:
1. Create you trust store with your certificate
keytool -import -trustcacerts -alias bitbucketCert -file your_certificate_file -keystore path_to_your_truststore.jks -storepass changeit
2. use this trust store
put this in your .zshrc or bashrc, just make sure this ACLI_JAVA_OPTS variable is picked up
export ACLI_JAVA_OPTS='-Djavax.net.ssl.trustStore=path_to_your_truststore.jks -Djavax.net.ssl.trustStorePassword=changeit'
If you still have problems, turn on the debug and inspect the log files inside acli dir.
Hi Greg,
I am not 100% sure if this is also valid for your version of acli, but we managed to use our JRE in order to only have to use one place.
We therefore created a file to start the acli, which has the following content:
#!/bin/bash
settings="-Dfile.encoding=UTF-8"
cliJar=/opt/acli/lib/acli.jar
JRE_HOME=/opt/openjdk11
propertyFile=/opt/acli/acli.properties
$JRE_HOME/bin/java $settings -DACLI_CONFIG="${propertyFile}" -jar "${cliJar}" "${@:1}"
As this is for Linux, Windows might vary slightly.
However, the key point here is that you run the acli.jar using the JRE of your choice. That allows you to reuse all the certificates that have been loaded into that JRE as well.
The "${@:1}" at the end is just passing the command parameters from calling the file into the resulting command as well.
Hope this helps :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.