openssl s_client -connect example.com:443 -servername example.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt

Insert cert to java keystore (this needs to be done on each bitbucket software update, so change version in path accordingly)

 /opt/atlassian/bitbucket/<version>/jre/bin/keytool -import -alias git -keystore /opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts -file public.crt

Default password is “changeit” Tell Bitbucket to use this java keystore (it should already use this by default)

 root@bitbucketserver:/opt/atlassian/bitbucket/<version># cat /var/atlassian/application-data/bitbucket/shared/bitbucket.properties

#>*******************************************************
#> Migrated to database at jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true
#> Updated on 2019-07-01T12:34:10.271+02:00
#>*******************************************************
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true
jdbc.user=user
jdbc.password=pwd

server.port=7990
server.secure=true
server.scheme=https
server.proxy-port=443
server.proxy-name=example.com
server.context-path=/

server.ssl.key-store=/opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts

(&(objectClass=group)(memberof=CN=SomeUser-Groups,CN=Users,DC=example,DC=com))

• https://developer.atlassian.com/bitbucket/api/2/reference/