How to import certificate from Bitbucket server to git client

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the server and data center platforms.


If you have implemented SSL self signed certificate using the Secure Bitbucket with Tomcat using SSL, your users might still face issues performing git operations like clone/push. The users might see the following issue while cloning from the Same Bitbucket server

git clone
Cloning into 'my-test-repo'...
fatal: unable to access '': Issuer certificate is invalid.


Any version of Bitbucket Server on Linux

Git Client on Linux


Steps for Implementation: 

  1. Create a cer from the BB keystore. If you have used Secure Bitbucket with Tomcat using SSL, then the default keystore Bitbucket uses is <Bitbucket home directory>/shared/config/ssl-keystore

    keytool -export -alias tomcat -file file.cer -keystore ssl-keystore
  2. Convert the above file.cer into file.pem 

    openssl x509 -inform der -in file.cer -out file.pem
  3. Add this file.pem path to your user's git config

    git config --global http.sslCAInfo path_to_file.pem
  4.  Try to clone again and this should work now

    git clone
    Cloning into 'my-test-repo'...
    Username for '': my-awesome-username
    Password for '': 
    remote: Enumerating objects: 6007, done.
    remote: Counting objects: 100% (6007/6007), done.
    remote: Compressing objects: 100% (1906/1906), done.
    remote: Total 6007 (delta 2524), reused 6007 (delta 2524)
    Receiving objects: 100% (6007/6007), 17.70 MiB | 43.26 MiB/s, done.
    Resolving deltas: 100% (2524/2524), done.
Last modified on Jun 18, 2021

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.