How to convert a PFX certificate file to a JKS format and use in Bamboo server.xml
Platform Notice: Data Center Only - This article only applies to Atlassian apps on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Please note that Atlassian Support will refer SSL-related support to the issuing authority for the certificate. The documentation on this page is for reference only.
This page Securing Bamboo with Tomcat using SSL describes steps to enable HTTPS (HTTP over SSL) access for Tomcat, the webserver distributed with Bamboo, using a self-signed certificate. In the below page we'll cover steps on how to convert a PFX certificate type format to JKS ( Java keystore ) and use in Bamboo's server.xml.
Solution
1) The first step is to convert a pfx certificate type to a jks format by using the below keytool command.
keytool -importkeystore -srckeystore mypfxfile.pfx -srcstoretype pkcs12 -destkeystore clientcert.jks -deststoretype JKS ℹ️ Replace mypfxfile.pfx with the name of PFX file you wish to convert to a Java keystore (JKS)
ℹ️ Replace clientcert.jks to the name of the keystore file you wish to create (it must be a JKS file).
2) In the second steps replace the following in Bamboo server.xml file.
keystoreFile="<location of file on bamboo server>/clientcert.jks"
        ℹ️Replace clientcert.jks to the name of the jks file created in the previous step.
For full list of server.xml parameters and other steps to configure ssl with tomcat, please refer Securing Bamboo with Tomcat using SSL
Was this helpful?