Issues

Issue #7325 wontfix

Allow usage of HTTPS with CNAME

Giovanni Bajo
created an issue

Currently, HTTPS cannot be used with custom domains (CNAMEs) because of certificate mismatch.

It would be possible for BitBucket to fix this by letting users upload their own SSL certificate (private key) and serve them afterwards through SSL SNI.

Comments (4)

  1. saschanaz

    Hi, I think there is another way to fix this.

    This is what GitHub cert contains:

    githubcert.png

    And this is what Bitbucket cert contains:

    bitbucketcert.png

    I think Bitbucket one should also support *.bitbucket.org to get HTTPS work on custom domains.

    Edit (2/5/2015): I mean supporting addresses like saschanaz.bitbucket.org.

  2. Nils Andreas Svee

    NB: This isn't in any way supported by Bitbucket, if you mess something up, you're on your own.

    I found a way around this using CloudFlares new free SSL feature

    1. If you haven't already, register your domain on CloudFlare and create a CNAME pointing to bitbucket.org
    2. Turn off CloudFlare for the (sub-)domain you're gonna be using, if you don't this won't work
    3. Follow the official instructions for setting up custom domains with Bitbucket
    4. Enable Full SSL for your domain on CloudFlare (not strict). You can also use a page rule if you only want a sub-domain to use SSL, see CloudFlares instructions for that
    5. Enable CloudFlare for your (sub-)domain.

    Now you should be good to go =)

  3. Log in to comment