要約

If you have implemented SSL self signed certificate using the Secure Bitbucket with Tomcat using SSL, your users might still face issues performing git operations like clone/push. The users might see the following issue while cloning from the Same Bitbucket server

git clone https://example.com:8443/scm/text/my-test-repo.git
Cloning into 'my-test-repo'...
fatal: unable to access 'https://example.com:8443/scm/text/my-test-repo.git/': Issuer certificate is invalid.

環境

Any version of Bitbucket Server on Linux

Git Client on Linux

ソリューション

Steps for Implementation: 

1. Create a cer from the BB keystore. If you have used Secure Bitbucket with Tomcat using SSL, then the default keystore Bitbucket uses is <Bitbucket home directory>/shared/config/ssl-keystore. 
   

   keytool -export -alias tomcat -file file.cer -keystore ssl-keystore

2. Convert the above file.cer into file.pem 
   

   openssl x509 -inform der -in file.cer -out file.pem

3. Add this file.pem path to your user's git config

   git config --global http.sslCAInfo path_to_file.pem

4.  Try to clone again and this should work now

   git clone https://example.com:8443/scm/text/my-test-repo.git
   Cloning into 'my-test-repo'...
   Username for 'https://example.com:8443': my-awesome-username
   Password for 'https://username@example.com:8443': 
   remote: Enumerating objects: 6007, done.
   remote: Counting objects: 100% (6007/6007), done.
   remote: Compressing objects: 100% (1906/1906), done.
   remote: Total 6007 (delta 2524), reused 6007 (delta 2524)
   Receiving objects: 100% (6007/6007), 17.70 MiB | 43.26 MiB/s, done.
   Resolving deltas: 100% (2524/2524), done.