diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass
index 795ba1a882..cd1d6819bf 100644
--- a/meta/classes/create-spdx-2.2.bbclass
+++ b/meta/classes/create-spdx-2.2.bbclass
@@ -354,15 +354,6 @@ def add_download_packages(d, doc, recipe):
             if f.type == "file":
                 continue
 
-            uri = f.type
-            proto = getattr(f, "proto", None)
-            if proto is not None:
-                uri = uri + "+" + proto
-            uri = uri + "://" + f.host + f.path
-
-            if f.method.supports_srcrev():
-                uri = uri + "@" + f.revisions[name]
-
             if f.method.supports_checksum(f):
                 for checksum_id in CHECKSUM_LIST:
                     if checksum_id.upper() not in oe.spdx.SPDXPackage.ALLOWED_CHECKSUMS:
@@ -377,7 +368,7 @@ def add_download_packages(d, doc, recipe):
                     c.checksumValue = expected_checksum
                     package.checksums.append(c)
 
-            package.downloadLocation = uri
+            package.downloadLocation = oe.spdx_common.fetch_data_to_uri(f, name)
             doc.packages.append(package)
             doc.add_relationship(doc, "DESCRIBES", package)
             # In the future, we might be able to do more fancy dependencies,
diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
index 70d1bc7e8a..1ae13b4af8 100644
--- a/meta/lib/oe/spdx30_tasks.py
+++ b/meta/lib/oe/spdx30_tasks.py
@@ -379,22 +379,15 @@ def add_download_files(d, objset):
                     inputs.add(file)
 
             else:
-                uri = fd.type
-                proto = getattr(fd, "proto", None)
-                if proto is not None:
-                    uri = uri + "+" + proto
-                uri = uri + "://" + fd.host + fd.path
-
-                if fd.method.supports_srcrev():
-                    uri = uri + "@" + fd.revisions[name]
-
                 dl = objset.add(
                     oe.spdx30.software_Package(
                         _id=objset.new_spdxid("source", str(download_idx + 1)),
                         creationInfo=objset.doc.creationInfo,
                         name=file_name,
                         software_primaryPurpose=primary_purpose,
-                        software_downloadLocation=uri,
+                        software_downloadLocation=oe.spdx_common.fetch_data_to_uri(
+                            fd, name
+                        ),
                     )
                 )
 
diff --git a/meta/lib/oe/spdx_common.py b/meta/lib/oe/spdx_common.py
index dfe90f96cf..1ea55419ae 100644
--- a/meta/lib/oe/spdx_common.py
+++ b/meta/lib/oe/spdx_common.py
@@ -42,7 +42,6 @@ def is_work_shared_spdx(d):
 
 
 def load_spdx_license_data(d):
-
     with open(d.getVar("SPDX_LICENSES"), "r") as f:
         data = json.load(f)
         # Transform the license array to a dictionary
@@ -225,3 +224,22 @@ def get_patched_src(d):
             bb.utils.mkdirhier(spdx_workdir)
     finally:
         d.setVar("WORKDIR", workdir)
+
+
+def fetch_data_to_uri(fd, name):
+    """
+    Translates a bitbake FetchData to a string URI
+    """
+    uri = fd.type
+    # Map gitsm to git, since gitsm:// is not a valid URI protocol
+    if uri == "gitsm":
+        uri = "git"
+    proto = getattr(fd, "proto", None)
+    if proto is not None:
+        uri = uri + "+" + proto
+    uri = uri + "://" + fd.host + fd.path
+
+    if fd.method.supports_srcrev():
+        uri = uri + "@" + fd.revisions[name]
+
+    return uri