Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to import the X509 SSL certificate (.cer) for SSL Configure

Hemant Madhyan
Hemant Madhyan January 9, 2020

I am having a .cer certificate provided from my IT Team for SSL confifuration . I have imported it in default keystore <JIRAHOME>\security\cacerts But still it shows an exception 

Caused by: java.lang.IllegalArgumentException: jsse.alias_no_key_entry...

 

Although it has a private key associated with it...

 

Can you suggest me some concrete steps to configure ssl with existing .cer  file ...

 

Regards,

Hemant

 

Answer
Watch
Like Anton Brunberg likes this
1599 views

1 answer

0 votes
Alexis Robert
Alexis Robert
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 9, 2020

Hi @Hemant Madhyan , 

 

what is exactly the command you're running to import the certificate ? From the error, it looks like it's missing the alias argument.

 

Let me know if this helps, 

 

--Alexis

View More Comments
Hemant Madhyan
Hemant Madhyan January 9, 2020

C:\Program Files\Atlassian\JIRA\jre\bin>keytool -import -alias jira -keystore "
:\Program Files\Atlassian\JIRA\jre\lib\security\cacerts" -trustcacerts -file "C:
\Certificates\jira.cer"

Like
Alexis Robert
Alexis Robert
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 9, 2020

Hi @Hemant Madhyan , 

 

this might be because your CER file has a key file with a different alias than the one you're configuring on the command line. You actually dont need the key in the certificate that you're importing into the keystore, so I'd suggest using only the certificate without the key.

You can do this simply by editing the cer file (it's a simple text file).

 

Let me know if this helps, 

 

--Alexis 

Like
Hemant Madhyan
Hemant Madhyan January 9, 2020

Hi @Alexis Robert , 

 

Thanks for the reply. But as per the documentation i can see that the certificates need the private key too.

 

Although we can import the certificates without private key into the keystore. But, while  starting the JIRA it sates the same error.

 

So, i followed this link 

https://community.atlassian.com/t5/Jira-questions/Configure-JIRA-over-SSL-with-already-issued-certificate/qaq-p/429113

 

and i am able to launch JIRA on SSL now. But, it's working only while logging to the jira server not from outside as it shows certificate warning ... So, what could be the issue ?

 

Like
Alexis Robert
Alexis Robert
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 9, 2020

What do you mean by "from outside it shows certificate warning" ? Do you mean outside your corporate network ? 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events