SSL handshake error on LDAP and mail

I have created a java truststore for one self-signed cert and one official cert.

I used your SSL poke class to test the cert and it works fine when i point out the

trusstore -Djavax.net.ssl.trustStore=/srv/git-bitbucket/atlassian-bitbucket-4.14.x/data/shared/certifikat/git_ldap_and_ad.truststore -Djavax.net.ssl.trustStorePassword=xxxxxx

I have added these values to /opt/git-bitbucket/atlassian-bitbucket-4.14.7/bin/setenv.sh so that they can be seen with a ps -ef

In the GUI it still does not work

The log file atlassian-bitbucket-mail.log shows

2017-08-16 09:31:04,346 ERROR [http-nio-7990-exec-3] mut @I77VQLx571x178x0 89r7at 172.20.140.103,0:0:0:0:0:0:0:1 "POST /admin/mail-server HTTP/1.1" bitbucket.mail-log Sending mail failed. Please verify the mail server configuration and check the logs for details; recipient: otto.jagebo@bolagsverket.se; subject: Bolagsverket Bitbucket - Test email for your SMTP configuration
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not convert socket to TLS;
  nested exception is:
        javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Failed messages: javax.mail.MessagingException: Could not convert socket to TLS;
  nested exception is:
        javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

 

I can not upgrade to the latest as we use the latest git rpm package for SLES12 sp2 linux and therefor version 4.14.7 seems to be the latest tested for git-core-1.8.5.6-18.1.x86_64

Should i configur the truststore in a property or xml file as well or?

 

 

2 answers

In setenv.sh you have the following: JAVA_TRUSTSTORE and JAVA_TRUSTSTORE_PASSWORD. Have you tried using that instead?

# The full path to the Java truststore which must contain the client certificates accepted by Bitbucket for SSL authentication
# of JMX
#
#JAVA_TRUSTSTORE=

#
# The password for JAVA_TRUSTSTORE
#
#JAVA_TRUSTSTORE_PASSWORD=

We have Centos 7 which does not ship with required git versions for Bitbucket 5.X. 

Here is a summary of what we did: (Centos)

yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel
yum install gcc perl-ExtUtils-MakeMaker
wget https://www.kernel.org/pub/software/scm/git/git-2.9.3.tar.gz
tar xzf git-2.9.3.tar.gz
cd git-2.9.3/
make prefix=/usr/local/git all
make prefix=/usr/local/git install

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jun 12, 2018 in Bitbucket

Do you use any Atlassian products for your personal projects?

After spinning my wheels trying to get organized enough to write a book for National Novel Writing Month (NaNoWriMo) I took my affinity for Atlassian products from my work life and decided to tr...

22,891 views 26 12
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you