Symptoms The following message is displayed when trying to push to a Bitbucket Server repository:
error: Issuer certificate is invalid. while accessing https://@<BITBUCKET_HOST>:8443/ABC/test.git/info/refs fatal: HTTP request failed You just added a self signed certificate to Bitbucket Server and now your users are getting errors:
fatal: unable to access 'https://@<bitbucket_server>://scm///': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none Cause The Bitbucket Server certificate is not trusted by the git client.
Workaround A very good article on the subject can be found here on Stack Overflow. In summary when you use a self signed certificate Git doesn't trust the certificate that is being sent to it. You can fix this in two ways:
On each client system run: git config --global http.sslVerify false The safer solution is to install the self signed server certificate on the git client machine. I would suggest reviewing all of the answers and comments on that post as there are many competing opinions on the subject.
Resolution To be able to use a self-signed certificate do the following:
Copy the Bitbucket Server instance's certificate.pem file to the git client's host. Convert the file into the X.509 format.
openssl x509 -in certificate.pem -out certificate.crtNow allow git to use this certificate by changing the user's git configuration file:git config http.sslcainfo certificate.crt
(info) All commands must be executed in the where the certificate was copied to.
Resolution 2 Use a certificate that is signed by a Certificate Authority. These certificates are automatically trusted.
Procedure: open bitbuket.org website.
click on Lock of ssl. Goto ssl Export the ssl and save.
Run this command openssl x509 -in certificate.pem -out certificate.crt
then git config http.sslcainfo certificate.crt