Remote agents stop connecting after upgrading to Bamboo 6.9+ versions

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem

After upgrading Bamboo to 6.9+ versions, remote agents stop connecting to the server and the following appears in the atlassian-bamboo-agent.log file:

2019-06-04 10:50:17,205 FATAL [AgentRunnerThread] [AgentBootstrap] Exiting due to fatal exception.
java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.atlassian.bamboo.agent.bootstrap.AgentRunner.run(AgentRunner.java:26)
	at java.lang.Thread.run(Thread.java:748)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'agentRegistrationBean': Invocation of init method failed; nested exception is org.springframework.remoting.RemoteAccessException: Could not access JMS invoker queue [queue://com.atlassian.bamboo.registrationQueue]; nested exception is javax.jms.IllegalStateException: javax.jms.JMSException: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:139)
...
	at com.atlassian.bamboo.v2.build.agent.remote.RemoteAgent$1.<init>(RemoteAgent.java:214)
	at com.atlassian.bamboo.v2.build.agent.remote.RemoteAgent.initApplicationContext(RemoteAgent.java:214)
	at com.atlassian.bamboo.v2.build.agent.remote.RemoteAgent.start(RemoteAgent.java:82)
	... 6 more
Caused by: org.springframework.remoting.RemoteAccessException: Could not access JMS invoker queue [queue://com.atlassian.bamboo.registrationQueue]; nested exception is javax.jms.IllegalStateException: javax.jms.JMSException: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at org.springframework.jms.remoting.JmsInvokerClientInterceptor.convertJmsInvokerAccessException(JmsInvokerClientInterceptor.java:432)
...
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:136)
	... 22 more
Caused by: javax.jms.IllegalStateException: javax.jms.JMSException: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at org.apache.activemq.jms.pool.ConnectionPool.createSession(ConnectionPool.java:162)
	at org.apache.activemq.jms.pool.PooledConnection.createSession(PooledConnection.java:167)
	at org.springframework.jms.remoting.JmsInvokerClientInterceptor.createSession(JmsInvokerClientInterceptor.java:281)
	at org.springframework.jms.remoting.JmsInvokerClientInterceptor.executeRequest(JmsInvokerClientInterceptor.java:250)
	at org.springframework.jms.remoting.JmsInvokerClientInterceptor.invoke(JmsInvokerClientInterceptor.java:204)
	... 33 more
Caused by: javax.jms.JMSException: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:72)
	at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1421)
	at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1486)
	at org.apache.activemq.ActiveMQConnection.createSession(ActiveMQConnection.java:329)
	at org.apache.activemq.jms.pool.ConnectionPool.makeSession(ConnectionPool.java:112)
	at org.apache.activemq.jms.pool.ConnectionPool$1.makeObject(ConnectionPool.java:82)
	at org.apache.activemq.jms.pool.ConnectionPool$1.makeObject(ConnectionPool.java:78)
	at org.apache.commons.pool2.impl.GenericKeyedObjectPool.create(GenericKeyedObjectPool.java:1041)
	at org.apache.commons.pool2.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:357)
	at org.apache.commons.pool2.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:279)
	at org.apache.activemq.jms.pool.ConnectionPool.createSession(ConnectionPool.java:144)
	... 37 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
..
	at org.apache.activemq.transport.tcp.TcpTransport.oneway(TcpTransport.java:194)
	at org.apache.activemq.transport.AbstractInactivityMonitor.doOnewaySend(AbstractInactivityMonitor.java:335)
	at org.apache.activemq.transport.AbstractInactivityMonitor.oneway(AbstractInactivityMonitor.java:317)
	at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:181)
	at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:84)
	at org.apache.activemq.transport.WireFormatNegotiator.start(WireFormatNegotiator.java:74)
	at org.apache.activemq.transport.failover.FailoverTransport.doReconnect(FailoverTransport.java:1017)
	at org.apache.activemq.transport.failover.FailoverTransport$2.iterate(FailoverTransport.java:148)
	at org.apache.activemq.thread.PooledTaskRunner.runTask(PooledTaskRunner.java:133)
	at org.apache.activemq.thread.PooledTaskRunner$1.run(PooledTaskRunner.java:48)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	... 1 more
Caused by: java.security.cert.CertificateException: No name matching unproxyed-bamboo-adress.com found
	at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:231)
	at sun.security.util.HostnameChecker.match(HostnameChecker.java:96)
	at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
	at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:200)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
	... 22 more

Diagnosis

Environment

  • This problem only occurs when all the following items are true:

    • Bamboo version 6.9.0+ is installed
    • Broker URL is set to use SSL

Cause

This is due to the implementation of a new version of ActiveMQ on Bamboo 6.9.0. The new version used by Bamboo comes with the implementation of AMQ-7047 adding support to the transport on both server and client side to configure if hostname verification is enabled or disabled. If Bamboo agents use SSL connection to server and certificate has incorrect host name, the handshake will fail.

Resolution

Add the socket.verifyHostName=false parameter to the bamboo.jms.broker.client.uri property in <bamboo-home-folder>/bamboo.cfg.xml file:


  1. Edit $BAMBOO_HOME/bamboo.cfg.xml
  2. Add socket.verifyHostName=false to bamboo.jms.broker.client.uri. Example below:

    <property name="bamboo.jms.broker.client.uri">failover:(ssl://bamboo:54663?wireFormat.maxInactivityDuration=300000&amp;socket.verifyHostName=false)?initialReconnectDelay=15000&amp;maxReconnectAttempts=10</property>
  3. Restart Bamboo

  4. Restart Remote Agents


DescriptionAfter upgrading Bamboo to 6.9+ versions, remote agents stop connecting to the server 
ProductBamboo

Last modified on Aug 24, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.