Using Bitbucket 5.4.0. I'm trying to configure a webhook to a Jenkins server that is running SSL on port 443. The webhook fails with this error:
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
After turning on debug level logging I can clearly see it's because the certificate is not trusted. I have already imported the Jenkins server's cert into the Bitbucket keystore and trusted it. I have also installed and trusted the intermediate and root CA certificates. I even went so far as to test the java keystore to verify all the certs were properly installed (in the proper order) in the Bitbucket keystore. I tested using the SSLPoke utility. Everything passes. This should work.
The bitbucket.properties file references the location of the java keystore. The password to the keystore is correct. I'm at a loss as to why Bitbucket does not trust the cert. Bitbucket is either not using the keystore as configured or there really is a problem with the keystore. Is there some other utility I can use to verify the keystore? Is there a way to verify Bitbucket is using the configured keystore?
Thanks for reaching out! Though I don't have your debug logs to be sure, this may be an issue with the password setting.
If you're sure the keystore path is correct, please ensure both the key-password and the key-store-password are set. These are required to be the same value in order to access the key.
In addition, be sure the key-alias and key-store-type are correct as well.
I'm also facing same problem like "javax.net.ssl.SSLHandshakeException: General SSLEngine problem" in webhook bitbucket.
I don't know how to import certificate ? and how to do ssl related config.
Any one suggest how to do for certificate configuration for step by step process
Please suggest me.
Here's how to solve this problem.
You'll need to import the public key from in the bitbucket java cacerts file.
First export the certificate:
openssl s_client -connect google.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt
Next, you can import the new cert into the trust store:
<JAVA_HOME>/bin/keytool -import -alias <server_name> -keystore <JAVA_HOME>/jre/lib/security/cacerts -file public.crt
Full info and windows instructions are here:
Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster ! While we’re all excited about the new improvements to Bitbucket ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events