Validate that certificates are correctly imported into the Java keystore

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

While trying to run JIRA over SSL, you may need to verify if the certificates were properly imported into the keystore. Some sample situations where this may come up:

  • JIRA fails to startup with Tomcat errors indicating that an alias is not found:

    1 Caused by: java.io.IOException: Alias name jira does not identify a key entry

  • Or JIRA successfully starts, but your browser is showing the wrong certificate details

Resolution

In these situations, it would be best to examine the keystore file directly to ensure that the certificate was properly imported with the appropriate information. This can be done with this command:

1 $ keytool -list -v -keystore your_keystore_file > outputfile

Sample:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 $ keytool -list -v -keystore test-local.jks > keystore-info.txt Enter keystore password: changeit   $ cat keystore-info.txt Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry Alias name: test-local Creation date: Jul 9, 2014 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Owner: CN=localhost, OU=local, O=Atlassian, L=Austin, ST=TX, C=US, EMAILADDRESS=test0123@atlassian.com Issuer: CN=localhost, OU=local, O=Atlassian, L=Austin, ST=TX, C=US, EMAILADDRESS=test0123@atlassian.com Serial number: 53bdbc3b Valid from: Wed Jul 09 17:03:39 CDT 2014 until: Thu Jul 09 17:03:39 CDT 2015 Certificate fingerprints: MD5: E5:2D:C1:8A:C1:D4:45:71:5B:9F:8B:61:5E:C2:2C:89 SHA1: 26:4F:BC:2A:72:46:3E:98:C5:19:2D:A3:DD:48:B4:E9:CD:A5:78:9D SHA256: 8C:3B:00:DA:45:38:60:61:E2:2D:AC:D8:37:67:E3:7A:95:10:0B:29:E0:47:B1:DD:35:3C:98:2C:BF:43:D3:60 Signature algorithm name: SHA1withRSA Version: 1 ******************************************* *******************************************
Updated on April 8, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSymptomsResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community