Hi!, I installed Bitbucket Server on my Ubuntu VM and works perfect, but is untrusted, works below http protocol and i need to implement HTTPS. If i have an certificate, ¿how can i to implement on my bitbucket?, ¿What files i should to edit?.
Many Thanks!!
Hi,
In Ubuntu the path for de apache configuration files (I guess you are using Apache) is here: /etc/apache2/sites-available/ and the content of the file should be something like this:
<VirtualHost *:443>
...
SSLEngine on
SSLCertificateFile /var/www/.../certificate/YOUR_CERTIFICATE_FILE.crt
SSLCertificateKeyFile /var/www/.../certificate/YOUR_CERTIFICATE_KEY.key
SSLCertificateChainFile /var/www/.../certificate/CHAIN_CERTIFICATE_FILE.crt
...
</VirtualHost>
Hope this information helps you.
Regards.
Thanks Lair, i dont know if i use Apache or not, because i install Bitbucket through a bin installer with ./ command, so i dont know how bitbucket works below.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Do you want to do this at the Tomcat level (see https://confluence.atlassian.com/bitbucketserver/securing-bitbucket-server-with-tomcat-using-ssl-776640127.html ) or via a proxy server (see https://confluence.atlassian.com/bitbucketserver/proxying-and-securing-bitbucket-server-776640099.html )
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Nic, i dont know if i use Apache Tomcat or not, because i install Bitbucket through a bin installer with ./ command, so i dont know how bitbucket works below. I need to install tomcat also?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You don't need to worry about Tomcat separately, it's part of the installation bundle.
If you do not want to use a proxy, just follow the instructions in the first doc I pointed to, it walks you through the (Tomcat and) Bitbucket changes you'll need to make.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Many Thanks Nic, i tried to config bitbucket.properties file and a minimum change make that bitbucket cannot to be access. I keep the port 7990 and still cannot access.
If i let properties file blank, i can access perfect
server.port=7990
server.secure=true
server.scheme=https
server.ssl.enabled=true
server.ssl.client-auth=want
server.ssl.key-store-type=pkcs12
server.ssl.key-store="/var/atlassian/application-data/bitbucket/shared/config/ssl-llave/key.pfx"
server.ssl.key-store-password="xxxxx"
server.ssl.key-password="xxxxx"
server.require-ssl=true
Whats may be happening?
********************EDIT********************
I wait a few moments and now can access with the customize port only, but if i add more parameters, cannot access.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
What do the logs say when you add parameters? What else are you adding?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
*******************EDIT*****************************
Finally i can to start the server, in this part i needed to put the correct password only, (the password that I had placed was the incorrect one, because I put the new password that I requested when converting from pfx to jks, but the key that corresponded was the original of the pfx)
Thanks!!!
Now i convert pfx to jks and obtain the alias and log says the following text:.
(I read that i need to extract from pfx a certificate and private key and put on keystore, bu i dont know what that refer :/)
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.1.1.RELEASE)
2019-07-01 14:23:07,547 INFO [main] c.a.b.i.b.BitbucketServerApplication Starting BitbucketServerApplication on srvgitcl01 with PID 21077 (/opt/atlassian/$
2019-07-01 14:23:07,565 INFO [main] c.a.b.i.b.BitbucketServerApplication No active profile set, falling back to default profiles: default
2019-07-01 14:23:13,302 INFO [main] c.a.b.i.boot.log.BuildInfoLogger Starting Bitbucket 6.2.3 (a254062 built on Wed Jun 05 07:35:39 UTC 2019)
2019-07-01 14:23:13,303 INFO [main] c.a.b.i.boot.log.BuildInfoLogger JVM: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 1.8.0_172-b11
2019-07-01 14:23:23,291 ERROR [main] o.apache.catalina.util.LifecycleBase Failed to start component [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler start failed
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008)
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:259)
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:311)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:164)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
at com.atlassian.bitbucket.internal.boot.BitbucketServerApplication.start(BitbucketServerApplication.java:247)
at com.atlassian.bitbucket.internal.boot.BitbucketServerApplication.main(BitbucketServerApplication.java:82)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
at com.atlassian.bitbucket.internal.launcher.BitbucketServerLauncher.start(BitbucketServerLauncher.java:151)
at com.atlassian.bitbucket.internal.launcher.BitbucketServerLauncher.main(BitbucketServerLauncher.java:99)
... 6 frames trimmed
Caused by: java.lang.IllegalArgumentException: Cannot recover key
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
... 16 common frames omitted
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
at java.security.KeyStore.getKey(KeyStore.java:1023)
... 16 common frames omitted
2019-07-01 14:23:27,670 ERROR [spring-startup] c.a.j.s.w.s.JohnsonDispatcherServlet SpringMVC dispatcher [springMvc] could not be started
org.springframework.beans.factory.BeanDefinitionStoreException: Failed to read candidate component class: file [/opt/atlassian/bitbucket/6.2.3/app/WEB-INF/c$
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.scanCandidateComponents(ClassPathScanningCandidateComponentPro$
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.findCandidateComponents(ClassPathScanningCandidateComponentPro$
at org.springframework.context.annotation.ClassPathBeanDefinitionScanner.doScan(ClassPathBeanDefinitionScanner.java:275)
at org.springframework.context.annotation.ComponentScanBeanDefinitionParser.parse(ComponentScanBeanDefinitionParser.java:90)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:133)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:622)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:518)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at java.lang.Thread.run(Thread.java:748)
... 21 frames trimmed
Caused by: java.nio.channels.ClosedByInterruptException: null
at java.nio.channels.spi.AbstractInterruptibleChannel.end(AbstractInterruptibleChannel.java:202)
at sun.nio.ch.FileChannelImpl.read(FileChannelImpl.java:164)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:65)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:109)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:103)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
at java.io.BufferedInputStream.read1(BufferedInputStream.java:286)
at java.io.BufferedInputStream.read(BufferedInputStream.java:345)
at org.springframework.asm.ClassReader.readStream(ClassReader.java:306)
at org.springframework.asm.ClassReader.<init>(ClassReader.java:273)
at org.springframework.core.type.classreading.SimpleMetadataReader.<init>(SimpleMetadataReader.java:54)
at org.springframework.core.type.classreading.SimpleMetadataReaderFactory.getMetadataReader(SimpleMetadataReaderFactory.java:103)
at org.springframework.core.type.classreading.CachingMetadataReaderFactory.getMetadataReader(CachingMetadataReaderFactory.java:123)
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.scanCandidateComponents(ClassPathScanningCandidateComponentPro$
... 11 common frames omitted
2019-07-01 14:23:28,412 ERROR [main] o.s.b.d.LoggingFailureAnalysisReporter
***************************
APPLICATION FAILED TO START
***************************
Description:
The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured.
Action:
Verify the connector's configuration, identify and stop any process that's listening on port 8443, or configure this application to listen on another port.
2019-07-01 14:23:28,434 INFO [main] c.a.b.i.boot.log.BuildInfoLogger Bitbucket 6.2.3 has shut down
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.