Disabling public repository access globally causes "Secure Connection Failed" error

Platform Notice: Data Center Only - This article only applies to Atlassian apps on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

After setting the feature.public.access=false configuration property in your bitbucket.properties file and then restarting, Bitbucket will start up but then throws a "Secure connection failed" error when accessing it through the browser.

Environment

  • Bitbucket version 6.10.0

  • A load balancer/proxy is being used to access the Bitbucket instance

Diagnosis

  • Although Bitbucket isn't available through the browser, the logs indicate that Bitbucket started up successfully and there are no errors that would actually prevent Bitbucket from starting.

  • When feature.public.access=false is commented out, Bitbucket starts with no issues and is accessible from the browser.

  • When checking the access logs after starting Bitbucket with the property set, there are no HTTP(S) request entries except for a few entries of "GET /repos HTTP/1.1", with response code 302 (redirect), as shown below:

10.0.0.15 | https | i@W72Z25x319x55x2 ... "GET /repos HTTP/1.1" | "" "" | - | ... 10.0.0.15 | https | o@W72Z25x319x55x2 ... "GET /repos HTTP/1.1" | "" "" | 302 | ...

    • ℹ️ When cross-checking the application logs for this request-id, there is a clear mention of the /mvc/repos?visibility=public endpoint. However, if feature.public.access=false, this endpoint should not be available.

2021-03-07 05:19:06,469 DEBUG ... @W72Z25x319x55x2 10.0.0.15 "GET /repos HTTP/1.1" ... "FORWARD" dispatch for GET "/mvc/repos?visibility=public", parameters={masked}

Cause

There is a configuration problem on the proxy/load balancer that needs to be investigated.

It's recommended that the administrators of the proxy/load balancer confirm that the <bitbucket_url>/mvc/repos?visibility=public URL is handled and routing correctly on the proxy/load balancer.

Solution

Check your proxy/load balancer device settings and modify them accordingly.

Workaround

Attempt to access Bitbucket through bypassing the proxy.

  • ℹ️ For instance, see if you can access the application directly through http://localhost:7995 after following the instructions in the above document.

Updated on April 16, 2025
Platform
Data Center only
App
Bitbucket Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community