Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Bitbucket Pipelines compatibility with Salesforce SSL/TLS certificate change DigiCert Global Root G2

Rohit Patwardhan
Rohit Patwardhan
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 20, 2026

Hi everyone,

We have an integration between Salesforce and Bitbucket Pipelines, and Salesforce has announced an upcoming SSL/TLS certificate change that may affect integrations.

Change details:
Effective February 5, 2026, Salesforce will rotate its certificate chain to use the DigiCert Global Root G2 root certificate.

What we’re trying to confirm:
We’d like to verify whether Bitbucket Pipelines and its underlying infrastructure already trust this root certificate, specifically:

  • Whether DigiCert Global Root G2 is included in Bitbucket Pipelines’ trust store

  • Whether there is any certificate pinning that could block the new chain

  • Whether any configuration changes are required on our side to avoid connection failures

Context:
We are using Bitbucket Pipelines as part of our CI/CD and integration workflows.

If anyone from Atlassian or the community has already validated this change or has guidance on how Bitbucket handles trusted root certificates for outbound connections, we’d really appreciate your insight.

 

Thanks in advance for your help,
Rohit

Answer
Watch
Like Be the first to like this
246 views

1 answer

1 accepted

0 votes
Answer accepted
Syahrul
Syahrul
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 21, 2026

Hey @Rohit Patwardhan 

Welcome to the community.

As long as the base image you use in your pipeline trusts DigiCert Global Root G2, the change in Salesforce’s chain will not be blocked by Bitbucket-level pinning.

If your bitbucket-pipelines.yml uses typical public images (e.g. Atlassian-provided images, official Docker Hub images like node:XX, openjdk:XX, ubuntu:XX, alpine:XX, etc.):

  • Those images use standard system CA bundles.
  • DigiCert Global Root G2 is widely included in modern CA bundles (it’s the same root Atlassian itself is moving toward).
  • You are unlikely to need any change in your Bitbucket Pipelines configuration just because Salesforce rotates to this root.

I hope this helps.

Regards,
Syahrul

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security