{{tag>ldap atlassian bitbucket}}

====== Connect to Samba with LDAP (Bitbucket e.g.) ======
===== Get the cert =====

  openssl s_client -connect example.com:443 -servername example.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt

Insert cert to java keystore (this needs to be done on each bitbucket software update, so change version in path accordingly)

   /opt/atlassian/bitbucket/<version>/jre/bin/keytool -import -alias git -keystore /opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts -file public.crt

Default password is "changeit"
Tell Bitbucket to use this java keystore (it should already use this by default)

   root@bitbucketserver:/opt/atlassian/bitbucket/<version># cat /var/atlassian/application-data/bitbucket/shared/bitbucket.properties

<code>
#>*******************************************************
#> Migrated to database at jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true
#> Updated on 2019-07-01T12:34:10.271+02:00
#>*******************************************************
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true
jdbc.user=user
jdbc.password=pwd

server.port=7990
server.secure=true
server.scheme=https
server.proxy-port=443
server.proxy-name=example.com
server.context-path=/

server.ssl.key-store=/opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts

</code>
===== Login to bitbucket and setup User Directories =====
{{:wiki:bitbucket-ldap-setup1.png?direct&200|}}
{{:wiki:bitbucket-ldap-setup2.png?direct&200|}}
{{:wiki:bitbucket-ldap-setup3.png?direct&200|}}

===== Restart Java if it doesn't pick up the certs =====

===== Group Schema Settings.Group Object Filter =====

  (&(objectClass=group)(memberof=CN=SomeUser-Groups,CN=Users,DC=example,DC=com))


====== References ======
  *  https://developer.atlassian.com/bitbucket/api/2/reference/