I have created a java truststore for one self-signed cert and one official cert.
I used your SSL poke class to test the cert and it works fine when i point out the
trusstore -Djavax.net.ssl.trustStore=/srv/git-bitbucket/atlassian-bitbucket-4.14.x/data/shared/certifikat/git_ldap_and_ad.truststore -Djavax.net.ssl.trustStorePassword=xxxxxx
I have added these values to /opt/git-bitbucket/atlassian-bitbucket-4.14.7/bin/setenv.sh so that they can be seen with a ps -ef
In the GUI it still does not work
The log file atlassian-bitbucket-mail.log shows
2017-08-16 09:31:04,346 ERROR [http-nio-7990-exec-3] mut @I77VQLx571x178x0 89r7at 172.20.140.103,0:0:0:0:0:0:0:1 "POST /admin/mail-server HTTP/1.1" bitbucket.mail-log Sending mail failed. Please verify the mail server configuration and check the logs for details; recipient: otto.jagebo@bolagsverket.se; subject: Bolagsverket Bitbucket - Test email for your SMTP configuration
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. Failed messages: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I can not upgrade to the latest as we use the latest git rpm package for SLES12 sp2 linux and therefor version 4.14.7 seems to be the latest tested for git-core-1.8.5.6-18.1.x86_64
Should i configur the truststore in a property or xml file as well or?
We have Centos 7 which does not ship with required git versions for Bitbucket 5.X.
Here is a summary of what we did: (Centos)
yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel
yum install gcc perl-ExtUtils-MakeMaker
wget https://www.kernel.org/pub/software/scm/git/git-2.9.3.tar.gz
tar xzf git-2.9.3.tar.gz
cd git-2.9.3/
make prefix=/usr/local/git all
make prefix=/usr/local/git install
In setenv.sh you have the following: JAVA_TRUSTSTORE and JAVA_TRUSTSTORE_PASSWORD. Have you tried using that instead?
# The full path to the Java truststore which must contain the client certificates accepted by Bitbucket for SSL authentication
# of JMX
#
#JAVA_TRUSTSTORE=
#
# The password for JAVA_TRUSTSTORE
#
#JAVA_TRUSTSTORE_PASSWORD=
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.