I was tasked to configure our confluence server to use our wildcard certificate. I use this guide as reference https://confluence.atlassian.com/doc/running-confluence-over-ssl-or-https-161203.html. Since I already have a downloaded certificate. I did not go through all the steps on the guide and proceed with importing the certificate (option2 step 5) using the command below which was successful.
C:\>keytool –import –keystore ..\lib\security\cacerts –alias newcertificate –storepass changeit –noprompt –trustcacerts –file c:\new_certificate.crt
I Then proceed with steps 2, 3 and 4. I restarted confluence and tried accessing confluence again using https://confluence.mydomain.com:8443 using chrome now its showing me an error "ERR_SSL_VERSION_OR_CIPHER_MISMATCH. My server.xml looks like this:
<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" URIEncoding="UTF-8" keystorePass="mypassword" keystoreFile="<C:\Program Files\Atlassian\Confluence\jre\lib\security\cacerts>"/>
Am I missing something here?
Thanks in advance for your response.
Is your keystore locate inside the "cacerts"? Commonly, you need to create a keystore as per that article, and import the certificate inside the keystore, then your keystore path in your server.xml would look like:
Can you see that I pointed the .keystore archive? I suggest following again that article so you could create a .keystore and import that certificate in it.
You need to create Confluence's local keystore (If it does not exist, which I think it does since you have already a
certificate) install it there and also install the certificate in the java cacerts file again make sure the chain and/or
the root CA certficate are installed there since Java uses that file to trust any certificate it encounters. and restart Confluence. Remember that while installing the certifiate in Confluence's local keystore you have to use the original "Alias" that was used when the keystore was created so it integrates correctly into your keystore.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Hi Community, Jessica here from the Confluence Product Marketing team! July’s community challenge is all about sharing pictures — and as an extension of our first post on what ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs