How to generate a SSL self-signed Certificate with a longer expiry date

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

By default, All the self-signed certificate only valid for 90 days, then you will need to renew them every 90 days, which is very troublesome.

Solution

Run the following command (where validity is the number of days before the certificate will expire):

1 keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048

For additional details see: How to create a self signed certificate using Java Key Tool

Updated on April 2, 2025
Platform
Data Center only
Product
Confluence Data Center
On this pageSummarySolution

Still need help?

The Atlassian Community is here for you.
Ask the Community