I was tasked to configure our confluence server to use our wildcard certificate. I use this guide as reference https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html. Since I already have a downloaded certificate. I did not go through all the steps on the guide and proceed with importing the certificate (option2 step 5) using the command below which was successful.
C:\>keytool –import –keystore ..\lib\security\cacerts –alias newcertificate –storepass changeit –noprompt –trustcacerts –file c:\new_certificate.crt
I Then proceed with steps 2, 3 and 4. I restarted confluence and tried accessing confluence again using https://confluence.mydomain.com:8443 using chrome now its showing me an error "ERR_SSL_VERSION_OR_CIPHER_MISMATCH. My server.xml looks like this:
<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" URIEncoding="UTF-8" keystorePass="mypassword" keystoreFile="<C:\Program Files\Atlassian\Confluence\jre\lib\security\cacerts>"/>
Am I missing something here?
Thanks in advance for your response.
Is your keystore locate inside the "cacerts"? Commonly, you need to create a keystore as per that article, and import the certificate inside the keystore, then your keystore path in your server.xml would look like:
Can you see that I pointed the .keystore archive? I suggest following again that article so you could create a .keystore and import that certificate in it.
You need to create Confluence's local keystore (If it does not exist, which I think it does since you have already a
certificate) install it there and also install the certificate in the java cacerts file again make sure the chain and/or
the root CA certficate are installed there since Java uses that file to trust any certificate it encounters. and restart Confluence. Remember that while installing the certifiate in Confluence's local keystore you have to use the original "Alias" that was used when the keystore was created so it integrates correctly into your keystore.
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs