Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,460,397
Community Members
 
Community Events
176
Community Groups

SSL securing remote agents

I'm trying to get my remote agents to phone in via SSL (via this guide), but I can't seem to get them to work, my current bamboo config defines the broker urls as:

broker url: 
ssl://0.0.0.0:54663?wireFormat.maxInactivityDuration=300000
 
broker client url:
failover:(ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000)?initialReconnectDelay=15000&maxReconnectAttempts=10

 

However the guide only says what to says to set "bamboo.jms.broker.uri" to, what should "bamboo.jms.broker.client.uri" be set to?


Bamboo runs on a server behind nginx, which is doing the SSL termination, and proxies the request to Bamboo. Is there incoming traffic to nginx on port 54663, or does all incoming traffic happen on HTTPS and bamboo opens a connection over port 54663 to the remote agent?

I'm guessing there may be some kind of incoming traffic to nginx on port 54663, because in the bamboo remote agent log I see:

WARN [Thread-0] [BambooActiveMQConnectionFactory] Broker URI: ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000 is invalid: java.net.ConnectException: Connection refused

But I don't think nginx will proxy any traffic besides http/https, so how does the 'jms' traffic bamboo sends get back to bamboo when nginx/apache are proxying?

3 answers

Hi,
are there any updates yet and the jms port is proxy-able or still isn't?

0 votes

At the moment, the Bamboo agent requires direct access to the JMS port of Bamboo, you can't proxy that.

0 votes
rsperafico Atlassian Team Aug 25, 2015

Hello Justin,

Thank you for your question.

At the moment, Bamboo remote agents connectivity can be secure at this level: How to secure your remote agent (Bamboo Server), however, a feature to run Bamboo with client certificates will become available in Bamboo v5.10 as per https://jira.atlassian.com/browse/BAM-15451.

If you find this answer useful, I would kindly ask you to accept it so the same will be visible to others who might be facing the same issue you have inquired.

Thank you for your understanding.

Kind regards,
Rafael P. Sperafico
Atlassian Support

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events