Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,558,009
Community Members
 
Community Events
184
Community Groups

How does Sourcetree check the certificate chain of a remote https intranet bitbucket server?

Lutz Schönerstedt
Lutz Schönerstedt Apr 20, 2018

Jira and Bitbucket Server are intranet https servers. Their certificates are signed with a company root certificate. The company root certificate is imported in Firefox and in the different keystores of Jira and Bitbucket Server.

The access over firefox and the application link between Jira and Bitbucket Server works.

Configuring Sourcetree to use the intranet https Bitbucket Server fails due to a certificate validation error.

How does Sourcetree check the certificate chain of a remote https intranet bitbucket server? Are there logs? How does it check the root certificate?

Answer
Watch
Like Augusto Sérgio likes this
5222 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Apr 20, 2018

Jira and Confluence store the certificate in their Java trust stores.   Since those programs run on Java this works for them.  However Sourcetree is not using Java as a base environment.  Because of this there are different methods for storing SSL certificates for Sourcetree.   I would recommend walking through Resolving SSL Self-Signed Certificate Errors.

This KB explains the details of how to do this the Mac version to store this to the keychain.  And in the bottom of that KB, it also explains how on Windows environments you can use the Certificate Manager to make sure that your host operating system has the needed certificates.   Even if your system is not using self-signed certs, if the operating system does not have the root certificate, you might need to follow these same steps in order to make sure that an SSL connection can be established between Sourcetree and your bitbucket server.

View More Comments
Lutz Schönerstedt
Lutz Schönerstedt Apr 23, 2018

Cloning a repository from the remote https intranet bitbucket server with Sourcetree (Windows) works. So there is no problem with git. Adding an account of the remote project archive of the remote https intranet bitbucket server fails.

How does Sourcetree (Windows) check the certificate chain of a remote https intranet bitbucket server if you try to add an account of the remote project archive of the remote https intranet bitbucket server?

Like
Stefan Mueller
Stefan Mueller Aug 11, 2020

 I would recommend walking through Resolving SSL Self-Signed Certificate Errors.

@Andy Heinzer, I did this and it works now when I clone a repository via the terminal opened in a different repository, available in Sourcetree. 

The strange thing is, that if I want to clone it via the Sourcetree GUI, I still get 

SSL certificate problem: self signed certificate in certificate chain

Where else need the new certificate added to, to make it work via the GUI.

I do use embedded git, located in  %USERPROFILE%\AppData\Local\Atlassian\SourceTree\git_local

my global .gitconfig in %USERPROFILE% includes:

[http]
sslCAInfo = ~/AppData/Local/Atlassian/SourceTree/git_local/usr/ssl/newcertificate.pem

Do I need to configure 

%USERPROFILE%\AppData\Local\Atlassian\SourceTree\git_local\mingw32\etc\gitconfig

as described in https://community.atlassian.com/t5/Sourcetree-questions/How-to-set-global-git-config/qaq-p/239006 as well?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

See all events