How to import certificate from Bitbucket server to git client
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
If you have implemented SSL self signed certificate using the Secure Bitbucket with Tomcat using SSL, your users might still face issues performing git operations like clone/push. The users might see the following issue while cloning from the Same Bitbucket server
git clone https://example.com:8443/scm/text/my-test-repo.git
Cloning into 'my-test-repo'...
fatal: unable to access 'https://example.com:8443/scm/text/my-test-repo.git/': Issuer certificate is invalid.Environment
Any version of Bitbucket Server on Linux
Git Client on Linux
Solution
Steps for Implementation:
Create a cer from the BB keystore. If you have used Secure Bitbucket with Tomcat using SSL, then the default keystore Bitbucket uses is
<Bitbucket home directory>/shared/config/ssl-keystore.keytool -export -alias tomcat -file file.cer -keystore ssl-keystoreConvert the above file.cer into file.pem
openssl x509 -inform der -in file.cer -out file.pemAdd this file.pem path to your user's git config
git config --global http.sslCAInfo path_to_file.pemTry to clone again and this should work now
git clone https://example.com:8443/scm/text/my-test-repo.git Cloning into 'my-test-repo'... Username for 'https://example.com:8443': my-awesome-username Password for 'https://username@example.com:8443': remote: Enumerating objects: 6007, done. remote: Counting objects: 100% (6007/6007), done. remote: Compressing objects: 100% (1906/1906), done. remote: Total 6007 (delta 2524), reused 6007 (delta 2524) Receiving objects: 100% (6007/6007), 17.70 MiB | 43.26 MiB/s, done. Resolving deltas: 100% (2524/2524), done.