How to Know Which TrustStore is used by Confluence

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

When troubleshooting TLS issues, it may be necessary to verify which TrustStore file the Confluence JVM is accessing. This can become confusing in environments with multiple JVMs, potentially leading to certificates being loaded into incorrect files.

Solution

To identify the TrustStore file being used by the Confluence JVM, follow these steps:

  1. Halt all Confluence nodes.

  2. Add the following system property on each node. The method of adding this will depend on your host operating system, further details can be found in the Configuring System Properties documentation.

    -Djavax.net.debug=ssl:verbose:trustmanager
  3. Restart the Confluence nodes one at a time. Ensure each node is functional and can be accessed before starting the next one.

  4. In your catalina.out log file, located in the Confluence installation directory, look for this string:

    trustStore is:

  5. This will reveal the full file path for the TrustStore used by Confluence's JVM. Here is an example entry:

    javax.net.ssl|DEBUG|47|ThreadPoolAsyncTaskExecutor::Thread 11|2024-03-12 15:20:31.552 BRT|TrustStoreManager.java:113|trustStore is: /lib/security/cacerts




Last modified on Sep 12, 2024

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.