Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Bitbucket SSLHandshakeException on connection to Jenkins server

Using Bitbucket 5.4.0.  I'm trying to configure a webhook to a Jenkins server that is running SSL on port 443.  The webhook fails with this error: 

 

javax.net.ssl.SSLHandshakeException: General SSLEngine problem

After turning on debug level logging I can clearly see it's because the certificate is not trusted.  I have already imported the Jenkins server's cert into the Bitbucket keystore and trusted it.  I have also installed and trusted the intermediate and root CA certificates.  I even went so far as to test the java keystore to verify all the certs were properly installed (in the proper order) in the Bitbucket keystore.  I tested using the SSLPoke utility.  Everything passes.  This should work.

 

The bitbucket.properties file references the location of the java keystore.  The password to the keystore is correct.  I'm at a loss as to why Bitbucket does not trust the cert.  Bitbucket is either not using the keystore as configured or there really is a problem with the keystore.  Is there some other utility I can use to verify the keystore?  Is there a way to verify Bitbucket is using the configured keystore?

2 answers

1 accepted

0 votes
Answer accepted

Here's how to solve this problem.

 

You'll need to import the public key from in the bitbucket java cacerts file.

First export the certificate:

openssl s_client -connect google.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt

Next, you can import the new cert into the trust store:

<JAVA_HOME>/bin/keytool -import -alias <server_name> -keystore <JAVA_HOME>/jre/lib/security/cacerts -file public.crt 

 

Full info and windows instructions are here:

https://confluence.atlassian.com/bitbucketserver071/if-you-use-self-signed-certificates-998653703.html 

0 votes

Hi Andy,

 

Thanks for reaching out! Though I don't have your debug logs to be sure, this may be an issue with the password setting.

If you're sure the keystore path is correct, please ensure both the key-password and the key-store-password are set. These are required to be the same value in order to access the key.

In addition, be sure the key-alias and key-store-type are correct as well.

 

Thanks,

Shashank

Hi friends,

   I'm also facing same problem like "javax.net.ssl.SSLHandshakeException: General SSLEngine problem" in webhook bitbucket.

Webhooks   Bitbucket.png

I don't know how to import certificate ? and how to do ssl related config. 

Any one suggest how to do for certificate configuration for step by step process

Please suggest me.

Thanks

SS4U

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

3,920 views 10 16
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you