Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Atlassian CLI Java configuration

Greg Johnston
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 8, 2024

I need to load a certificate onto the Java used by ALCI to allow communication to my Confluence Data center instance. 

 

I assumed ALCI was using the JAVA_HOME of the linux server I am hosting it on but when I check the config I see it is using:

 

Java name . . . . . . . . . . : Substrate VM
Java version . . . . . . . . : 17.0.10

I found this documentation 

https://appfire.atlassian.net/wiki/spaces/SUPPORT/pages/89129234/Resolving+PKIX+Error+when+Connecting+to+Jira+and+Confluence

Not specific to my issue but I did try adding :

export ACLI_JAVA_OPTS="-Djavax.net.ssl.trustStore=$JAVA_HOME/lib/security/cacerts"

to bashsrc, acli.properties, acli-service.properties. This did not work.

I either need to point ACLI to use the server JAVA_HOME or load the cert onto this Java 17 that I cannot find.

Any guidance would be appreciated.

Thanks 

2 answers

0 votes
neewbee
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
May 14, 2025

Just In case anyone run into this problem:

1. Create you trust store with your certificate

keytool -import -trustcacerts -alias bitbucketCert -file your_certificate_file -keystore path_to_your_truststore.jks -storepass changeit

2. use this trust store

put this in your .zshrc or bashrc, just make sure this ACLI_JAVA_OPTS variable is picked up

export ACLI_JAVA_OPTS='-Djavax.net.ssl.trustStore=path_to_your_truststore.jks -Djavax.net.ssl.trustStorePassword=changeit'

If you still have problems, turn on the debug and inspect the log files inside acli dir.

0 votes
Stefan Stadler
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 12, 2024

Hi Greg,

I am not 100% sure if this is also valid for your version of acli, but we managed to use our JRE in order to only have to use one place.

We therefore created a file to start the acli, which has the following content:

#!/bin/bash

settings="-Dfile.encoding=UTF-8"
cliJar=/opt/acli/lib/acli.jar
JRE_HOME=/opt/openjdk11
propertyFile=/opt/acli/acli.properties


$JRE_HOME/bin/java $settings -DACLI_CONFIG="${propertyFile}" -jar "${cliJar}" "${@:1}"

 As this is for Linux, Windows might vary slightly.

However, the key point here is that you run the acli.jar using the JRE of your choice. That allows you to reuse all the certificates that have been loaded into that JRE as well.

The "${@:1}" at the end is just passing the command parameters from calling the file into the resulting command as well.

Hope this helps :)

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
7.19
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events