Setup: Jira or BitBucket is installed.

Problem: Jira or BitBucket needs to access external services eg. Active Directory protected by SSL and the connection is refused because the certificate is not trusted.

Solution: Import the root CA of the certificate into the keystore.

X:\Atlassian\JIRA\jre\bin\keytool -importcert -alias CA-ROOT -keystore X:\Atlassian\JIRA\jre\lib\security\cacerts -file c:\temp\rootca.cer

OBS. Replace the alias, the path to keystore and the .cer file path with your own values.

Similar steps for BitBucket. Also if you have an intermediate CA you need to add that too.

X:\Atlassian\Bitbucket\jre\bin\keytool -importcert -alias Root-CA -keystore X:\Atlassian\Bitbucket\4.5.1\jre\lib\security\cacerts -file c:\temp\rootca.cer
X:\Atlassian\Bitbucket\jre\bin\keytool -importcert -alias Interm-CA -keystore X:\Atlassian\Bitbucket\4.5.1\jre\lib\security\cacerts -file c:\temp\intermediate.cer

Alternatively you can use a GUI like Portecle (

Leave a Reply

Your email address will not be published.