SSL securing remote agents

I'm trying to get my remote agents to phone in via SSL (via this guide), but I can't seem to get them to work, my current bamboo config defines the broker urls as:

broker url: 
ssl://0.0.0.0:54663?wireFormat.maxInactivityDuration=300000
 
broker client url:
failover:(ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000)?initialReconnectDelay=15000&maxReconnectAttempts=10

 

However the guide only says what to says to set "bamboo.jms.broker.uri" to, what should "bamboo.jms.broker.client.uri" be set to?


Bamboo runs on a server behind nginx, which is doing the SSL termination, and proxies the request to Bamboo. Is there incoming traffic to nginx on port 54663, or does all incoming traffic happen on HTTPS and bamboo opens a connection over port 54663 to the remote agent?

I'm guessing there may be some kind of incoming traffic to nginx on port 54663, because in the bamboo remote agent log I see:

WARN [Thread-0] [BambooActiveMQConnectionFactory] Broker URI: ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000 is invalid: java.net.ConnectException: Connection refused

But I don't think nginx will proxy any traffic besides http/https, so how does the 'jms' traffic bamboo sends get back to bamboo when nginx/apache are proxying?

2 answers

0 vote

Hello Justin,

Thank you for your question.

At the moment, Bamboo remote agents connectivity can be secure at this level: How to secure your remote agent (Bamboo Server), however, a feature to run Bamboo with client certificates will become available in Bamboo v5.10 as per https://jira.atlassian.com/browse/BAM-15451.

If you find this answer useful, I would kindly ask you to accept it so the same will be visible to others who might be facing the same issue you have inquired.

Thank you for your understanding.

Kind regards,
Rafael P. Sperafico
Atlassian Support

0 vote

At the moment, the Bamboo agent requires direct access to the JMS port of Bamboo, you can't proxy that.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published May 18, 2017 in Bamboo

FAQ: How to Upgrade Bamboo Server

Bamboo 5.9 will no longer be supported after June 12, 2017. What does this mean? As part of our End of Life policy, Atlassian supports major versions for two years after the first major iteratio...

1,812 views 0 6
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you