I upgraded to Bitbucket Server 5 from 4.latest and cannot get the SSL part configured in the new bitbucket.properties file which migrated from server.xml. I'm getting a SSL protocol error when trying to go to my site in Chrome, etc. Here are my configs, first the server. xml file and the new bitbucket.properties file. I'm using Windows Server 2012 R2.
Can someone please tell me how to setup the bitbucket.properties file for my former connectors?
I just resolved this issue, short story, I needed to have both ssl.key-store-password and ssl.key-password (in addition to ssl.enabled=true). While probably not necessary I also re-exported my wildcart cert from IIS to a pfx, left it as a pfx and updated my config to use pkcs12 as the type. I used the keytool command to get the aliax from the pfx which is a guid. Here is my complete new config that now works. Many thanks to Atlassian support for the help and Jeff above.
It's a shame we don't have comments inline with the documentation like in the past as that's always been a huge help. There is a lot lacking in the documentation, I had to take a stab at server.address as you can see I set a port and IP address as do all my atlassian products on one server.
Full day lost on this one! :( But I'm glad it's fixed.
EDIT: I changed the config above, using the pfx / pkcs12 did not work, maybe for lack of using an alias in my config, I don't know. While it worked to connect from the web site Bamboo could not get a valid SSL connection to clone git repos. I changed to the JKS cert and added the alias and now it works for me for all endpoints.
What is the SSL error that you're seeing?
It looks like the ssl.enabled property is missing. Can you try adding the following and see if it resolves the error?
If you were following a guide for this, can you let me know which one? I want to make sure that property is included in the documentation.
Update: Looks like you may be following Migrate server.xml customizations to bitbucket.properties which is missing this property. I'll get it updated.
When I add that the windows service will fail and stop.
APPLICATION FAILED TO START
The Tomcat connector configured to listen on port 443 failed to start. The port may already be in use or the connector may be misconfigured.
Verify the connector's configuration, identify and stop any process that's listening on port 443, or configure this application to listen on another port.
2017-05-05 14:40:16,166 INFO [main] c.a.b.i.boot.log.BuildInfoLogger Bitbucket 5.0.0 has shut down
I'm also having the exact same same issue. It's obviously a bitbucket.properties configuration issue but I can't at all find what's wrong.
My keystore is in pkcs12 format and my bitbucket.properties entries are:
And I get the exact same error as above, when I attempt to stop and restart BB 5.5.0.
Is it possible that your key alias is a custom one?
If that's the case, you would need to explicitly define it in the bitbucket.properties file.
Here is how you can check it:
- Find the correct alias: run this command against your keystore to list the keys and look at the value of the "Alias name" field
keytool -v -list -keystore <keystore> | grep Alias
- Add the key alias to your config: In $BITBUCKET_HOME/shared/bitbucket.propertie, add the key alias from step 1 to your main connector configuration
Here's how I did it.
Alias needs to match the name in the keystore
I am also having issues, please help
These are the errors I am getting right now? Any help would be wonderful thanks
2018-05-14 15:51:35,099 ERROR [main] o.a.coyote.http11.Http11NioProtocol Failed to start end point associated with ProtocolHandler ["https-jsse-nio-10.196.28.114-7991"]
java.lang.IllegalArgumentException: java.io.IOException: Alias name [tomcat] does not identify a key entry
Can you try the suggestion from this comment in this thread?
We also have an article here that covers how to implement this configuration:
Caterina - Atlassian
I was having the same problem on Windows, turns out I needed to supply an alias name. I've copied my properties below for anyone else struggling to set up SSL on v5 of BitBucket on Windows.
If you've forgotten your alias, like I did, you can find it by opening a CMD prompt and using the following, altering the path to your point to your ".jks" file.
"%JAVA_HOME%\bin\keytool" -list -v -keystore C:\Atlassian\ApplicationData\Bitbucket\shared\config\ssl-keystore\bitbucket.jks
server.ssl.key-alias=<your alias here>
server.ssl.key-store-password=<your password here>
server.ssl.key-password=<your password here>
I am also having issue after upgrading from 4.12 to 5.13. Here is my server.xml
sslEnabledProtocols="TLSv1, TLSv1.1, TLSv1.2"
and this is what on my bitbucket.properties
server.ssl.protocol=TLSv1, TLSv1.1, TLSv1.2
but still having the error above. please help. thanks.
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs