Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can i to implement HTTPS on bitbucket server?

crynof
crynof June 27, 2019

Hi!, I installed Bitbucket Server on my Ubuntu VM and works perfect, but is untrusted, works below http protocol and i need to implement HTTPS. If i have an certificate, ¿how can i to implement on my bitbucket?, ¿What files i should to edit?.

 

Many Thanks!!

Answer
Watch
Like Be the first to like this
641 views

2 answers

2 accepted

1 vote
Answer accepted
Lair Ortega Dehonor
Lair Ortega Dehonor
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 27, 2019

Hi,

In Ubuntu the path for de apache configuration files (I guess you are using Apache) is here: /etc/apache2/sites-available/ and the content of the file should be something like this:

<VirtualHost *:443>
    ...
    SSLEngine on
    SSLCertificateFile /var/www/.../certificate/YOUR_CERTIFICATE_FILE.crt
    SSLCertificateKeyFile /var/www/.../certificate/YOUR_CERTIFICATE_KEY.key
    SSLCertificateChainFile /var/www/.../certificate/CHAIN_CERTIFICATE_FILE.crt
    ...
</VirtualHost>

Hope this information helps you.

 

Regards.

View More Comments
crynof
crynof June 27, 2019

Thanks Lair, i dont know if i use Apache or not, because i install Bitbucket through a bin installer with ./ command, so i dont know how bitbucket works below.

Like
Reply
1 vote
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 27, 2019

Do you want to do this at the Tomcat level (see https://confluence.atlassian.com/bitbucketserver/securing-bitbucket-server-with-tomcat-using-ssl-776640127.html ) or via a proxy server (see https://confluence.atlassian.com/bitbucketserver/proxying-and-securing-bitbucket-server-776640099.html )

View More Comments
crynof
crynof June 27, 2019

Thanks Nic, i dont know if i use Apache Tomcat or not, because i install Bitbucket through a bin installer with ./ command, so i dont know how bitbucket works below. I need to install tomcat also?

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 27, 2019

You don't need to worry about Tomcat separately, it's part of the installation bundle.

If you do not want to use a proxy, just follow the instructions in the first doc I pointed to, it walks you through the (Tomcat and) Bitbucket changes you'll need to make.

Like
crynof
crynof June 27, 2019

Many Thanks Nic, i tried to config bitbucket.properties file and a minimum change make that bitbucket cannot to be access. I keep the port 7990 and still cannot access.

If i let properties file blank, i can access perfect

server.port=7990
server.secure=true
server.scheme=https
server.ssl.enabled=true
server.ssl.client-auth=want
server.ssl.key-store-type=pkcs12
server.ssl.key-store="/var/atlassian/application-data/bitbucket/shared/config/ssl-llave/key.pfx"
server.ssl.key-store-password="xxxxx"
server.ssl.key-password="xxxxx"
server.require-ssl=true

 

Whats may be happening?

********************EDIT********************

I wait a few moments and now can access with the customize port only, but if i add more parameters, cannot access.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 30, 2019

What do the logs say when you add parameters?  What else are you adding?

Like
crynof
crynof July 1, 2019

*******************EDIT*****************************

 

Finally i can to start the server, in this part i needed to put the correct password only, (the password that I had placed was the incorrect one, because I put the new password that I requested when converting from pfx to jks, but the key that corresponded was the original of the pfx)

Thanks!!!



Now i  convert pfx to jks  and obtain the alias and log says the following text:.

(I read that i need to extract from pfx a certificate and private key and put on keystore, bu i dont know what that refer :/)

. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.1.1.RELEASE)


2019-07-01 14:23:07,547 INFO [main] c.a.b.i.b.BitbucketServerApplication Starting BitbucketServerApplication on srvgitcl01 with PID 21077 (/opt/atlassian/$
2019-07-01 14:23:07,565 INFO [main] c.a.b.i.b.BitbucketServerApplication No active profile set, falling back to default profiles: default
2019-07-01 14:23:13,302 INFO [main] c.a.b.i.boot.log.BuildInfoLogger Starting Bitbucket 6.2.3 (a254062 built on Wed Jun 05 07:35:39 UTC 2019)
2019-07-01 14:23:13,303 INFO [main] c.a.b.i.boot.log.BuildInfoLogger JVM: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 1.8.0_172-b11
2019-07-01 14:23:23,291 ERROR [main] o.apache.catalina.util.LifecycleBase Failed to start component [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler start failed
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008)
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:259)
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:311)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:164)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
at com.atlassian.bitbucket.internal.boot.BitbucketServerApplication.start(BitbucketServerApplication.java:247)
at com.atlassian.bitbucket.internal.boot.BitbucketServerApplication.main(BitbucketServerApplication.java:82)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
at com.atlassian.bitbucket.internal.launcher.BitbucketServerLauncher.start(BitbucketServerLauncher.java:151)
at com.atlassian.bitbucket.internal.launcher.BitbucketServerLauncher.main(BitbucketServerLauncher.java:99)
... 6 frames trimmed

Caused by: java.lang.IllegalArgumentException: Cannot recover key
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
... 16 common frames omitted
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
at java.security.KeyStore.getKey(KeyStore.java:1023)
... 16 common frames omitted
2019-07-01 14:23:27,670 ERROR [spring-startup] c.a.j.s.w.s.JohnsonDispatcherServlet SpringMVC dispatcher [springMvc] could not be started
org.springframework.beans.factory.BeanDefinitionStoreException: Failed to read candidate component class: file [/opt/atlassian/bitbucket/6.2.3/app/WEB-INF/c$
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.scanCandidateComponents(ClassPathScanningCandidateComponentPro$
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.findCandidateComponents(ClassPathScanningCandidateComponentPro$
at org.springframework.context.annotation.ClassPathBeanDefinitionScanner.doScan(ClassPathBeanDefinitionScanner.java:275)
at org.springframework.context.annotation.ComponentScanBeanDefinitionParser.parse(ComponentScanBeanDefinitionParser.java:90)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:125)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:94)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:133)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:622)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:518)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at java.lang.Thread.run(Thread.java:748)
... 21 frames trimmed

Caused by: java.nio.channels.ClosedByInterruptException: null
at java.nio.channels.spi.AbstractInterruptibleChannel.end(AbstractInterruptibleChannel.java:202)
at sun.nio.ch.FileChannelImpl.read(FileChannelImpl.java:164)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:65)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:109)
at sun.nio.ch.ChannelInputStream.read(ChannelInputStream.java:103)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
at java.io.BufferedInputStream.read1(BufferedInputStream.java:286)
at java.io.BufferedInputStream.read(BufferedInputStream.java:345)
at org.springframework.asm.ClassReader.readStream(ClassReader.java:306)
at org.springframework.asm.ClassReader.<init>(ClassReader.java:273)
at org.springframework.core.type.classreading.SimpleMetadataReader.<init>(SimpleMetadataReader.java:54)
at org.springframework.core.type.classreading.SimpleMetadataReaderFactory.getMetadataReader(SimpleMetadataReaderFactory.java:103)
at org.springframework.core.type.classreading.CachingMetadataReaderFactory.getMetadataReader(CachingMetadataReaderFactory.java:123)
at org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider.scanCandidateComponents(ClassPathScanningCandidateComponentPro$
... 11 common frames omitted
2019-07-01 14:23:28,412 ERROR [main] o.s.b.d.LoggingFailureAnalysisReporter

***************************
APPLICATION FAILED TO START
***************************

Description:

The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured.

Action:

Verify the connector's configuration, identify and stop any process that's listening on port 8443, or configure this application to listen on another port.

2019-07-01 14:23:28,434 INFO [main] c.a.b.i.boot.log.BuildInfoLogger Bitbucket 6.2.3 has shut down

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events