Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-25755

Ability to provide own certificate for gRPC channel in Bamboo datacenter

XMLWordPrintable

    • 0

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Currently Bamboo Datacenter uses a self signed certificate for the ssl gRPC communication between nodes within the cluster. Bamboo will listen on the node.internal.communication.port port [9090] for the gRPC traffic. This leads some security scanners to complain that this is insecure as the issuer is not a known CA.

      The following certificate was at the top of the certificate
      chain sent by the remote host, but it is signed by an unknown
      certificate authority :

      |-Subject : CN=Local node
      |-Issuer : CN=Bamboo GRPC Root CA

      Affected Port:
      9090/tcp

      If the certificate does not exist then Bamboo will recreate a self-signed certificate when a cluster node is started.

      This request is to allow the Bamboo admin to provide their own certificate with CA of their choice rather than a self signed certificate.

              mgardias Marcin Gardias
              cberry@atlassian.com Chris Berry (Inactive)
              Votes:
              5 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: