This documentation takes into account the extra steps required for installing a certificate and chain issued by a Windows CA when configuring Atlassian Confluence for SSL/HTTPS. This is basically a replacement for Step #1 in the aforementioned link.
In this example “$Confluence$>” is the Confluence install directory. I keep the .keystore file in this directory for my own tracking purposes.
Create the CSR on the Confluence server
$Confluence$>jre\bin\keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore .keystore
Generate the certificate and download as a Base64 file format
Export the certificate chain as a DER file format
Double click the file to open it in windows
Export each layer (in our case there’s two) to a file. In this case, the root certificate is is rootca1.cer, intermediate is rootca2.cer. Make sure you use the Base64 Encoded X.509 (CER) format.
Install the root certificate
$Confluence$>jre\bin\keytool.exe -import -alias root -keystore .keystore -file rootca1.cer
Enter keystore password: Owner: CN=[snip} Issuer: CN=[snip] Serial number: [snip] Valid from: [snip] Certificate fingerprints: [snip] Trust this certificate? [no]: yes Certificate was added to keystore
Install the intermediate certificate
$Confluence$>jre\bin\keytool.exe -import -alias intermediate -keystore .keystore -file rootca2.cer
Enter keystore password: Certificate was added to keystore
Install the server certificate
E:\Atlassian\Confluence>jre\bin\keytool.exe -import -alias tomcat -file hostname.cer -keystore .keystore Enter keystore password: Certificate reply was installed in keystore
Confirm you’ve done the rest and configured the keystore password in the Confluence configuration file and then restart the Atlassian Confluence process.
Questions? Comments? Hate mail? Tell me below.