Fix the SSL certification problem

Owned by Moresimp
Last updated: May 19, 2021
1 min read

The simplest way to get an SSL certificate for a domain is using your browser.
Simply go to https://atlassianinsight.passman.co in your browser, then follow the instructions in this guide (Chrome is preferred). https://medium.com/@menakajain/export-download-ssl-certificate-from-server-site-url-bcfc41ea46a2

As another option, if you have OpenSSL installed on your system, you can run this command to get the certification:
openssl s_client -connect atlassianinsight.passman.co:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > passman.co.cer

Once you have the .cer file (for instance passman.co.cer), open the terminal and go to [JIRA_INSTALL_DIR]/jre/lib/security folder, and run the following command:
keytool -import -alias passman.co -keystore cacerts -file passman.co.cer (or whatever you named your vertification file)

You'll be prompted with the message "Enter keystore password:", which is usually "changeit" as a default value.

If you provide the correct password, the content of the certification file will be printed in the terminal.
You'll be prompted again with the message: "Trust this certificate? [no]:"
You have to type "yes" in order to confirm you trust the certification.
If everything is correct you get the message "Certificate was added to keystore".

Now you can try the Insight import again.

PS.: If you'd like to remove the certificate from Java keystore after you finished the test, you can do this by running this command:

keytool -delete -alias passman.co -keystore cacerts