If you are setting up Kerberos for Git and want to use a CNAME as your hostname of Bitbucket, please note the following:
While browsers are using the CNAME for looking up the A record and uses this when requesting a Kerberos ticket, your Git client will not. The Git client will request a Kerberos ticket using the CNAME. Therefore, when using Kerberos for Git in combination with using a CNAME, you will have to create a merged keytab in K-SSO consisting of one keytab for the A record and one for the CNAME. Please contact us if you have any questions about this setup.