Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Atlassian CLI Java configuration

Greg Johnston
Greg Johnston
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 8, 2024

I need to load a certificate onto the Java used by ALCI to allow communication to my Confluence Data center instance. 

 

I assumed ALCI was using the JAVA_HOME of the linux server I am hosting it on but when I check the config I see it is using:

 

Java name . . . . . . . . . . : Substrate VM
Java version . . . . . . . . : 17.0.10

I found this documentation 

https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/89129234/Resolving+PKIX+Error+when+Connecting+to+Jira+and+Confluence

Not specific to my issue but I did try adding :

export ACLI_JAVA_OPTS="-Djavax.net.ssl.trustStore=$JAVA_HOME/lib/security/cacerts"

to bashsrc, acli.properties, acli-service.properties. This did not work.

I either need to point ACLI to use the server JAVA_HOME or load the cert onto this Java 17 that I cannot find.

Any guidance would be appreciated.

Thanks 

Answer
Watch
Like Shawn Doyle - ReleaseTEAM likes this
1106 views

2 answers

0 votes
neewbee
neewbee
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 14, 2025

Just In case anyone run into this problem:

1. Create you trust store with your certificate

keytool -import -trustcacerts -alias bitbucketCert -file your_certificate_file -keystore path_to_your_truststore.jks -storepass changeit

2. use this trust store

put this in your .zshrc or bashrc, just make sure this ACLI_JAVA_OPTS variable is picked up

export ACLI_JAVA_OPTS='-Djavax.net.ssl.trustStore=path_to_your_truststore.jks -Djavax.net.ssl.trustStorePassword=changeit'

If you still have problems, turn on the debug and inspect the log files inside acli dir.

Reply
0 votes
Stefan Stadler
Stefan Stadler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 12, 2024

Hi Greg,

I am not 100% sure if this is also valid for your version of acli, but we managed to use our JRE in order to only have to use one place.

We therefore created a file to start the acli, which has the following content:

#!/bin/bash

settings="-Dfile.encoding=UTF-8"
cliJar=/opt/acli/lib/acli.jar
JRE_HOME=/opt/openjdk11
propertyFile=/opt/acli/acli.properties


$JRE_HOME/bin/java $settings -DACLI_CONFIG="${propertyFile}" -jar "${cliJar}" "${@:1}"

 As this is for Linux, Windows might vary slightly.

However, the key point here is that you run the acli.jar using the JRE of your choice. That allows you to reuse all the certificates that have been loaded into that JRE as well.

The "${@:1}" at the end is just passing the command parameters from calling the file into the resulting command as well.

Hope this helps :)

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
SERVER
VERSION
7.19
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security