Importing your self-signed certificate into Atlassian

If you are using a self-signed certificate for PingFederate, import it into the Java virtual machine (JVM) key store of the Atlassian server. This is required when the authentication type is mutual SSL or Basic authentication.

About this task

The default key store password on most systems is changeit. On MacOS 10.7 or earlier, the password is changeme.

Steps

Run the following command as an administrative user (or sudo):

keytool -importcert -alias {pingfed} -file /<full_path_to_cert>/<certificate_name>.crt -keystore /<full_path_to_jre>/lib/security/cacerts

Replace the variables in the command as follows:

Variable Description

Variable	Description
`full_path_to_cert`	Based on previous configuration steps, this value is: `$PINGFEDERATE_ATLASSIAN_DATA_PATH`
`certificate_name`	The file name of the certificate.
`full_path_to_jre`	The Java Runtime Environment (JRE) being used by Atlassian is usually listed when you start Jira or Confluence.

full_path_to_cert

Based on previous configuration steps, this value is:

$PINGFEDERATE_ATLASSIAN_DATA_PATH

certificate_name

The file name of the certificate.

full_path_to_jre

The Java Runtime Environment (JRE) being used by Atlassian is usually listed when you start Jira or Confluence.