Orange colored text describes functional differences in previous 3.x releases
Under this section, the private PGP keys and S/MIME certificates of the Confluence Bitbucket server are managed. They are used for signing outgoing emails.
...
Note that, if you have configured Confluence Bitbucket to use multiple email addresses, the key store must either hold multiple keys or certificates for them, or the keys or certificates must be issued for multiple email addresses.
...
If outgoing emails are to be signed, the server key store should also contain the (public) intermediate certificates, so they can be included in the signature.
Prior to version 3.1, intermediate certificates were not included.
Key store location
Provide path and file name of the certificate keystore, as seen from the server your Confluence instance Bitbucket instance runs on. The key store must be in PKCS#12 format. The file suffix of such key stores is usually p12 or pfx.
...
Provide path and file name of the certificate keystore, as seen from the server your Confluence instance Bitbucket instance runs on. The key store must be in ASCII-armored or GPG binary format. The file suffixes of such key stores (also called key rings) are usually asc and gpg, respectively.
...
| Info | ||
|---|---|---|
| ||
The passwords are stored in the database in encrypted format and used only internally. They cannot be reproduced by any Confluence user Bitbucket user or administrator. However, since encryption of passwords alone cannot be considered fully safe, appropriate access control of your database is a prerequisite to achieve adequate protection. |
...