Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,467,278
Community Members
 
Community Events
177
Community Groups

Cannot setup secured remote agent for Bamboo 6.10

After setting up successfully HTTPS for a few Atlassian services, one of them being Bamboo, I tried to secure the connection between the Bamboo server and a remote agent.

I followed this guide (official Atlassian doc). Basically, it just instructs you do change two values in the Bamboo configuration (to ssl://).

Now, the remote agent cannot register with the server. Here is the error I get in catalina.out on the Bamboo server:

2019-10-22 14:14:22,599 ERROR [ActiveMQ BrokerService[bamboo] Task-7] [TransportConnector] Could not accept connection from tcp://IP:PORT : javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

Note that this works perfectly if I revert to non ssl broker connection (but still HTTPS for Bamboo web server).

First, I thought that the problem was because I was using a custom keystoreFile="" in the Connector of Bamboo.

This looks similar in the doc:

If you're using custom SSL setup (e.g. you're running Bamboo with -Djavax.net.ssl.keyStore=SOMEPATH), you need to follow the guidelines in Manually securing your remote agents.

Sadly, the page is from 2017 and the "Manually securing your remote agents" was probably removed, because there is no link to it anymore.

So, I simply redid the install of HTTPS certificates without using a custom keystoreFile="" in the Connector. The keystore is now the default $HOME/.keystore and the connector doesn't specify any path.

The connection still doesn't work. Bamboo is supposed to distribute the certificates, so I don't understand what is wrong:

After they're done, Bamboo will automatically set up the key/trust stores and distribute certificates to the agents the moment the first time the agent connects to the server. 

I think that this page could be improved a bit, giving more details.

1 answer

0 votes

Look at workaround at issue https://jira.atlassian.com/browse/BAM-20521

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events