Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

SSL securing remote agents

Inavero Purchas
Inavero Purchasing Aug 24, 2015

I'm trying to get my remote agents to phone in via SSL (via this guide), but I can't seem to get them to work, my current bamboo config defines the broker urls as:

broker url: 
ssl://0.0.0.0:54663?wireFormat.maxInactivityDuration=300000
 
broker client url:
failover:(ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000)?initialReconnectDelay=15000&maxReconnectAttempts=10

 

However the guide only says what to says to set "bamboo.jms.broker.uri" to, what should "bamboo.jms.broker.client.uri" be set to?


Bamboo runs on a server behind nginx, which is doing the SSL termination, and proxies the request to Bamboo. Is there incoming traffic to nginx on port 54663, or does all incoming traffic happen on HTTPS and bamboo opens a connection over port 54663 to the remote agent?

I'm guessing there may be some kind of incoming traffic to nginx on port 54663, because in the bamboo remote agent log I see:

WARN [Thread-0] [BambooActiveMQConnectionFactory] Broker URI: ssl://bamboo.mydomain.com:54663?wireFormat.maxInactivityDuration=300000 is invalid: java.net.ConnectException: Connection refused

But I don't think nginx will proxy any traffic besides http/https, so how does the 'jms' traffic bamboo sends get back to bamboo when nginx/apache are proxying?

Answer
Watch
Like Be the first to like this
917 views

3 answers

0 votes
Christoph Buchenberg
Christoph Buchenberg Oct 15, 2019

Hi,
are there any updates yet and the jms port is proxy-able or still isn't?

Reply
0 votes
Przemek Bruski
Przemek Bruski Atlassian Team Aug 27, 2015

At the moment, the Bamboo agent requires direct access to the JMS port of Bamboo, you can't proxy that.

Reply
0 votes
rsperafico
rsperafico Atlassian Team Aug 25, 2015

Hello Justin,

Thank you for your question.

At the moment, Bamboo remote agents connectivity can be secure at this level: How to secure your remote agent (Bamboo Server), however, a feature to run Bamboo with client certificates will become available in Bamboo v5.10 as per https://jira.atlassian.com/browse/BAM-15451.

If you find this answer useful, I would kindly ask you to accept it so the same will be visible to others who might be facing the same issue you have inquired.

Thank you for your understanding.

Kind regards,
Rafael P. Sperafico
Atlassian Support

Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
Community showcase
Martyna Wojtas
Martyna Wojtas
Published in Bamboo

Bamboo Data Center on Kubernetes

Hi, If you are running self-managed environments and looking to adopt modern infrastructure, Bamboo Data Center can now be deployed in a Kubernetes cluster. By leveraging Kubernetes, you can easily...

57 views 0 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you