Info

Please note that we've decided to move our support portal to help.savignano.net to further improve the services for our customers.

The updated version of this page can be found at https://help.savignano.net/snotify-email-encryption/user-key-management-s-notify-for-bitbucket

Under this configuration entry, the public PGP keys or S/MIME certificates for Bitbucket users are managed. They are used for the encryption of outgoing emails.

...

The key store file must be in either of the following two formats:

  • PKCS#7 (recommended)
    This format is a common format used to export and transmit public certificates. It can hold multiple certificates and is therefore often referred to as a p7 bundle – hence the commonly used file suffix p7b. It is defined in RFC 2315. Note that the file needs to be in DER encoded (binary) format.
  • BouncyCastle
    This format is usually represented by a file suffix of bks. It is supported mainly for backward compatibility reasons. The key store must be a BKS type BouncyCastle key store. For details on how to create such a key store, please refer to S/MIME Certificate Keystore.
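
A pre-upload check for the PKCS#7 requirement above, as an added example (not S/Notify's own code): it tells a DER encoded bundle from a PEM-armored one and counts the certificates it holds. The function names and the constructed `SAMPLE_DER` bytes are assumptions made for illustration.

```python
import base64
import re

SIGNED_DATA_OID = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
# Constructed sample: DER signedData with two placeholder entries (not real X.509).
SAMPLE_DER = bytes.fromhex(
    "302f06092a864886f70d010702a02230200201013100"
    "300b06092a864886f70d010701a00a300302010130030201023100")

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length >= 0x80:  # long-form length
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length: not DER")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, pos, pos + length

def children(buf, start, end):
    """Yield (tag, value_start, value_end) for each element in a range."""
    while start < end:
        tag, vs, ve = read_tlv(buf, start)
        yield tag, vs, ve
        start = ve

def count_certs(der):
    """Count entries in the certificates field of a PKCS#7 signedData."""
    tag, vs, ve = read_tlv(der, 0)  # ContentInfo
    outer = list(children(der, vs, ve))
    if (tag != 0x30 or len(outer) < 2 or outer[0][0] != 0x06
            or der[outer[0][1]:outer[0][2]] != SIGNED_DATA_OID):
        raise ValueError("not a PKCS#7 signedData structure")
    _, ss, se = read_tlv(der, outer[1][1])  # SignedData inside [0]
    for tag, fs, fe in children(der, ss, se):
        if tag == 0xA0:  # certificates [0] IMPLICIT
            return sum(1 for _ in children(der, fs, fe))
    return 0

def inspect_p7b(data):
    """Return (encoding, certificate_count) for a candidate key store."""
    if data.lstrip().startswith(b"-----BEGIN PKCS7-----"):
        body = re.sub(rb"-----[^-]+-----|\s+", b"", data)
        return "PEM", count_certs(base64.b64decode(body))
    return "DER", count_certs(data)
```

Call `inspect_p7b(open(path, "rb").read())` on the file to be uploaded. A bundle reported as PEM can be converted with `openssl pkcs7 -in bundle.pem -outform DER -out bundle.p7b`, where both file names are placeholders.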

...

If enabled, S/Notify will use the LDAP server from the Bitbucket user directory the user is associated with, if applicable. 

This setting requires that an LDAP server is used as a Bitbucket user directory, and that the user is found in this directory. S/Notify will then query the user's S/MIME certificate from the LDAP server in the following order and format:


Attribute | Format | Reference
userSMIMECertificate | PKCS#7 (p7m) signed message format with single certificate or certificate chain | RFC 2315: PKCS #7: Cryptographic Message Syntax
userCertificate | DER binary (base-64 encoded) or PEM (ascii encoded) single X.509 certificate | RFC 4523: LDAP Schema Definitions for X.509 Certificates

Note that if both a key store and an LDAP server are used, certificates found in the key store take precedence over those on the LDAP server.

...

The key store file must be in either of the following two formats:

  • ASCII-Armored
    This format is a common format used to export and transmit public keys. It is, as the name implies, encoded fully in ASCII. Usual file endings are: asc, txt
  • PGP Binary
    PGP binary file format. Usual file endings are: pgp, gpg, pkr

...