Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How does Sourcetree check the certificate chain of a remote https intranet bitbucket server?

Lutz Schönerstedt
Lutz Schönerstedt April 20, 2018

Jira and Bitbucket Server are intranet https servers. Their certificates are signed with a company root certificate. The company root certificate is imported in Firefox and in the different keystores of Jira and Bitbucket Server.

The access over firefox and the application link between Jira and Bitbucket Server works.

Configuring Sourcetree to use the intranet https Bitbucket Server fails due to a certificate validation error.

How does Sourcetree check the certificate chain of a remote https intranet bitbucket server? Are there logs? How does it check the root certificate?

Answer
Watch
Like Augusto Sérgio likes this
5798 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 20, 2018

Jira and Confluence store the certificate in their Java trust stores.   Since those programs run on Java this works for them.  However Sourcetree is not using Java as a base environment.  Because of this there are different methods for storing SSL certificates for Sourcetree.   I would recommend walking through Resolving SSL Self-Signed Certificate Errors.

This KB explains the details of how to do this the Mac version to store this to the keychain.  And in the bottom of that KB, it also explains how on Windows environments you can use the Certificate Manager to make sure that your host operating system has the needed certificates.   Even if your system is not using self-signed certs, if the operating system does not have the root certificate, you might need to follow these same steps in order to make sure that an SSL connection can be established between Sourcetree and your bitbucket server.

View More Comments
Lutz Schönerstedt
Lutz Schönerstedt April 23, 2018

Cloning a repository from the remote https intranet bitbucket server with Sourcetree (Windows) works. So there is no problem with git. Adding an account of the remote project archive of the remote https intranet bitbucket server fails.

How does Sourcetree (Windows) check the certificate chain of a remote https intranet bitbucket server if you try to add an account of the remote project archive of the remote https intranet bitbucket server?

Like
Stefan Mueller
Stefan Mueller August 11, 2020

 I would recommend walking through Resolving SSL Self-Signed Certificate Errors.

@Andy Heinzer, I did this and it works now when I clone a repository via the terminal opened in a different repository, available in Sourcetree. 

The strange thing is, that if I want to clone it via the Sourcetree GUI, I still get 

SSL certificate problem: self signed certificate in certificate chain

Where else need the new certificate added to, to make it work via the GUI.

I do use embedded git, located in  %USERPROFILE%\AppData\Local\Atlassian\SourceTree\git_local

my global .gitconfig in %USERPROFILE% includes:

[http]
sslCAInfo = ~/AppData/Local/Atlassian/SourceTree/git_local/usr/ssl/newcertificate.pem

Do I need to configure 

%USERPROFILE%\AppData\Local\Atlassian\SourceTree\git_local\mingw32\etc\gitconfig

as described in https://community.atlassian.com/t5/Sourcetree-questions/How-to-set-global-git-config/qaq-p/239006 as well?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events