wiki:connect_samba_ldap_bitbucket
Table of Contents
Connect to Samba with LDAP (Bitbucket e.g.)
Get the cert
openssl s_client -connect example.com:443 -servername example.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt
Insert cert to java keystore (this needs to be done on each bitbucket software update, so change version in path accordingly)
/opt/atlassian/bitbucket/<version>/jre/bin/keytool -import -alias git -keystore /opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts -file public.crt
Default password is “changeit” Tell Bitbucket to use this java keystore (it should already use this by default)
root@bitbucketserver:/opt/atlassian/bitbucket/<version># cat /var/atlassian/application-data/bitbucket/shared/bitbucket.properties
#>******************************************************* #> Migrated to database at jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true #> Updated on 2019-07-01T12:34:10.271+02:00 #>******************************************************* jdbc.driver=com.mysql.jdbc.Driver jdbc.url=jdbc:mysql://localhost:3306/bitbucket?characterEncoding=utf8&useUnicode=true jdbc.user=user jdbc.password=pwd server.port=7990 server.secure=true server.scheme=https server.proxy-port=443 server.proxy-name=example.com server.context-path=/ server.ssl.key-store=/opt/atlassian/bitbucket/<version>/jre/lib/security/cacerts
Login to bitbucket and setup User Directories
Restart Java if it doesn't pick up the certs
Group Schema Settings.Group Object Filter
(&(objectClass=group)(memberof=CN=SomeUser-Groups,CN=Users,DC=example,DC=com))
References
wiki/connect_samba_ldap_bitbucket.txt · Last modified: 2020/12/14 10:25 by antisa