How to Install SSL Certificate fro BitBucket Edited

Need to install SSL certificate for Bitbucket. I have certificate.

3 answers

This widget could not be displayed.

Do you mean you want to run Bitbucket with SSL? 

Or that you need it to use a certificate to reach something?

I need to run BitBucket URL with SSL certificate.

Client has given SSL Certificate fro bitbucket. Dont know how to install on BitBucket. Any Pointers?

Not yet because you have not told me if you are trying to run Bitbucket over SSL, or you are trying to connect your Bitbucket to something that is SSL secured.

Request is - Install SSL certificate for BitBucket. 

BitBucket  URL is - http://localhost:7990/admin/db

We have to make https://<ip>:7990.

>Install SSL certificate for BitBucket. 

That still does not answer the question, but the next bit finally does.

Next question - do you want to make Bitbucket run itself over https, or do you want to put it behind a proxy that does all the SSL for you?

Want to make Bitbucket run itself over https

Private key password will be given by agency only who created the certificate? and where to install it?

This widget could not be displayed.

Hey @Maxxazo,

I am working on the same issue. If your trying to be all Atlassian about the set up like I am this link will help you.

https://confluence.atlassian.com/bitbucketserver/securing-bitbucket-server-with-tomcat-using-ssl-776640127.html?_ga=2.150788850.571518988.1508786404-121847653.1500571238

 

Else you can install NGINX or Apache and proxy the connection through either one of them. 

If I remember when I am done with my setup I will post what I did.

Have you installed...Mine certificate is .P12.

Adding Properties on Bit.bucket properties

server.port=8443
server.ssl.enabled=true
server.ssl.key-store=/path/to/keystore/bitbucket.jks
server.ssl.key-store-password=<password value>
server.ssl.key-password=<password value>

What should i do with Certificate of .P12... 

Key-Store - refers certificate where it is kept in directory.

key-store-password -?

key-password-?

Please let know.....

Hey @Maxxazo

This stack overflow post should help you out a lot. It saved my day. Stackoverflow certificate not X.509

BTW you make the password for your keystore. Make sure your bitbucket.properties are set to read your custom alias. 

openssl pkcs12 -export \
-name bitbucket.quckers.com \
-in ~/bitbucket_quckers_com/bitbucket_quckers_com.crt \
-inkey ~/bitbucket.key \
-out ~/tomcat/keystore.p12

sudo /opt/atlassian/bitbucket/5.4.1/jre/bin/keytool -importkeystore \
-destkeystore ~/tomcat/ssl-keystore.jks \
-srckeystore ~/tomcat/keystore.p12 \
-srcstoretype pkcs12 \
-alias bitbucket.quckers.com

 

server.ssl.enabled=true
server.ssl.key-alias=bitbucket.quackers.com # See same alias that is specified in the last command stated above.
server.ssl.key-store=/var/atlassian/application-data/bitbucket/shared/config/ssl-keystore.jks # If you leave off the .jks bitbucket has that path set by default. 
server.ssl.key-store-password=lk # password set in process above.
server.ssl.key-password=lkj # password set in process above.

If you follow the docs from here you should be good.

@Maxxazo Side note please don't post 50,000 times in a row to fill up my mail box with notifications. Have some respect, were all busy. 

Is there any error in below bitbucket.properties? server.port=80 server.ssl.enabled=true server.require-ssl=true server.secure=true server.ssl.key-store=D:/Atlassian/ApplicationData/Bitbucket/shared/config/ssl-keystore/<cert name>

server.ssl.key-store-password=changeit server.ssl.key-store-type=pkcs12 server.ssl.key-password=given server.ssl.client-auth=need

Key-store-password and key-password are given certificate owner?

No, you need to give the password for the keystore, not the certificate.

This widget could not be displayed.

Ok, it seems you're quite confused here.

If you are trying to run Bitbucket over https, and without a proxy, then Ethan's answer is what you need.

However, you've been given a .p12 certificate which is usually a client certificate for connecting to other systems, not for running a server with https.  I'd be very surprised if your .p12 contains a server certificate.

Any Pointers...what should I do for .p12 certificate??

You could try converting it, as per Ethan's post, but if it's a client certificate, it's going to be useless to you.

Yeaahhh issue resolved....secured URL!!

Failed to connect to repository : Command "c:\program files \git\bin\git.exe Is remote -h ssh://git@git.vehraius.com:7999/dmp/hybris.git HEAD" returned status code 128:stdout
stderr: ssh:connect to host git.vahraius.com port 7999:Connection refused fatal: Could not read from remote repository.

Please make sure you have right access and repository exists.

Any pointers...why this happened?

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Aug 21, 2018 in Bitbucket

Branch Management with Bitbucket

As a project manager, I have discovered that different developers want to bring their previous branching method with them when they join the team. Some developers are used to performing individual wo...

1,315 views 8 11
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you