I used the instructions at https://confluence.atlassian.com/bitbucketserver/securing-bitbucket-server-with-tomcat-using-ssl-776640127.html?_ga=2.56331501.730743067.1554138967-423285032.1546880165#SecuringBitbucketServerwithTomcatusingSSL-selfsignedcert to set up SSL for my Bitbucket Server installation. I am using a certificate from a CA, so I used that section of the instructions.
- I generated the self-signed certificate. This produced a .keystore file.
- Then I used the result of step #1 to generate a CSR.
- I used the CSR to request a certificate, which worked.
- When I tried to install the certificate using:
- keytool -import -alias tomcat -file gtswtbitsyslnxvm1_domain_com.crt -keystore /var/atlassian/application-data/bitbucket/.keystore
- Enter keystore password: - here I entered the password and got:
- keytool error: java.lang.Exception: Public keys in reply and keystore don't match
- I researched the issue and found a solution saying that if you changed the alias, the key would import. So I did:
- keytool -import -alias bitbucket -file gtswtbitsyslnxvm1_domain_com.crt -keystore /var/atlassian/application-data/bitbucket/.keystore
- The result was:
- Trust this certificate? [no]: yes (I entered yes to the question) and I got the message “Certificate was added to keystore”.
- I then configured my Bitbucket properties file to see the keystore and use the new 8443 port. All this was OK. However, when I restarted the tool and tried to connect using http, it says the certificate is not trusted because it is self-signed. I cannot use the self-signed cert. What am I doing incorrectly in the process?
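
An added example, not part of the original post: keytool stores a certificate imported under a new alias as a `trustedCertEntry`, separate from the `PrivateKeyEntry` that holds the key pair, and this script reads `keytool -list -v` output to show which alias holds what. The listing is constructed sample data, and the names `bitbucket.example.com` and `Example Issuing CA` are placeholders.

```shell
#!/bin/sh
# Real use (path from the post):
#   keytool -list -v -keystore /var/atlassian/application-data/bitbucket/.keystore | summarize_keystore

# Print "alias entry-type self-signed|ca-issued" for each keystore entry,
# judged from the first certificate listed under that alias.
summarize_keystore() {
  awk '
    /^Alias name: /      { alias = substr($0, 13); type = ""; owner = ""; seen = 0 }
    /^Entry type: /      { type = substr($0, 13) }
    /^Owner: /  && !seen { owner = substr($0, 8) }
    /^Issuer: / && !seen {
      seen = 1
      issuer = substr($0, 9)
      printf "%s %s %s\n", alias, type, (owner == issuer ? "self-signed" : "ca-issued")
    }
  '
}

# Succeeds only if some PrivateKeyEntry carries a CA-issued certificate, i.e.
# the CA reply is attached to the key pair rather than stored on its own.
has_ca_signed_key() {
  summarize_keystore | grep -q 'PrivateKeyEntry ca-issued$'
}

# Constructed sample of `keytool -list -v` output (not taken from the post).
sample_listing() {
cat <<'EOF'
Alias name: tomcat
Creation date: Apr 1, 2019
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=bitbucket.example.com, O=Example
Issuer: CN=bitbucket.example.com, O=Example

Alias name: bitbucket
Creation date: Apr 1, 2019
Entry type: trustedCertEntry

Owner: CN=bitbucket.example.com, O=Example
Issuer: CN=Example Issuing CA, O=Example
EOF
}

sample_listing | summarize_keystore
sample_listing | has_ca_signed_key || echo "no key entry has a CA-issued certificate"
```
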