Updating Atlassian Certificates Bundles

Using the Universal Plugin Manager

On this page

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

This article describes how to update Atlassian CA certificates to enable app signing. These certificates are used to validate apps hosted on the Atlassian Marketplace.

On this page:


Context

To enable app signing, you need to set up your trust store by securely adding all certificates from trusted sources. There may be more than one trusted source. The next sections explain the two main scenarios.

Trust Atlassian app signing CA

Atlassian app signing Certificate Authority (CA) certificates are part of the certificate chain of trust used by Atlassian Marketplace to sign apps. The UPM validates apps' certificates by verifying their certificate path; therefore, the Atlassian CA certificates must be trusted and stored in the local trust store.

Installation process

  1. Download the latest Certificates Bundle from the list below.
  2. Verify bundle checksum. How to verify checksum on Windows, Linux, or MacOS
  3. Extract the bundle certificates, which should include:
    1. Atlassian Root CA certificates
    2. Atlassian Intermediate CA certificates
  4. Store all certificate files in your trust store. The trust store location is listed on the UPM Certificates admin page.
  5. Make sure the file permissions are set correctly. For details, see Configuration resources location.
  6. Remove any expired certificates.

Private builds and custom certificates

Marketplace partners and clients may generate their own signing certificates. For guidance, see 
Generating app signature and verification certificate using OpenSSL. These certificates must also be trusted to support private builds and custom app installations.

Installation process

  1. Get the signing certificate using one of the following methods:
  2. Add the certificate to your trust store. The trust store location is listed on the UPM Certificates admin page.
  3. Make sure the file permissions are set correctly. For details, see Configuration resources location.
  4. Remove any expired certificates.

Atlassian Certificates Bundles

DateCertificates BundleChecksums

 

atlassian_ca_bundle-v1.zip

SHA-256

190241780305743cbc2f5d2b9fbcf2e6bd23ce188362b74a2a3acbd21d52816d

SHA-512

21c841b57a37262558b5444d9f781414e574478761967ca9ea93674d471d8e611892dc72fc0ed22d863d29b8e86170d02c60206163448db8ae3cfd3869c2ea11

atlassian_ca_bundle-v1.tar.gz

SHA-256

373f4142d72eb111333f8bd2bd618cf02ae380f027878e7f0a23fdcd77b9df5a

SHA-512

7505ac87568db2eaed3faf71b5cd4502e2cff6c3648de11b8a93e9eca4052223e2774d7b430a81b20e04cbd0572f3a436db6a9eac73c792cad90723f49e0f1cc
Last modified on Jul 2, 2025

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.