Securing Self-Hosted Agents using SSL

KB#1040: Last Updated February 12, 2019

BuildMaster Agents exposed to the Internet should include additional security compared to agents running on a secure local network. The self-hosted agents in BuildMaster support the use of SSL encryption just like agents hosted using IIS.

Installing the Certificate

To use SSL, you must have an appropriate certificate installed to the machine store on the BuildMaster Agent. You can view/add certificates using the Certificates MMC Snap-In. Take note of the Friendly Name field for the certificate; you will need this to configure the Agent.


Configuring the Agent

With the certificate installed, you are now ready to edit the Agent’s configuration file to enable SSL. Open the app_appSettings.config file in a text editor. This file is located in the installation folder of the Agent – by default, this is C:\BuildMaster\TcpAgent. Add the following key to this config file:

<add key=”Agent.CertificateName” value=”Friendly Name”/>

Of course, you should replace Friendly Name with the friendly name of your certificate. Once you’ve saved the config file, restart the Agent.