TeamCity Insecure Tomcat connector attributes:

Avatar
KenobySky
Created

**Overview**

I set up teamcity using their documentation found at https://www.jetbrains.com/help/teamcity/install-teamcity-server-on-linux-or-macos.html#Example%3A+Installation+using+Ubuntu+Linux

I installed teamcity using tar.gz, as found here:
https://www.jetbrains.com/help/teamcity/install-teamcity-server-on-linux-or-macos.html#Install+from+tar.gz

After that, I set the reverse proxy by following the tutorial:
https://www.jetbrains.com/help/teamcity/configuring-proxy-server.html#Apache

In this part, since I use cPanel + WHM, I went to the path

   /etc/apache2/conf.d/userdata/std/2_4/ACCOUNT_NAME/DOMAIN_NAME/include.conf

And pasted this:

   LoadModule  proxy_module          /usr/lib/apache2/modules/mod_proxy.so
   LoadModule  proxy_http_module     /usr/lib/apache2/modules/mod_proxy_http.so
   LoadModule  headers_module        /usr/lib/apache2/modules/mod_headers.so
   LoadModule  proxy_wstunnel_module /usr/lib/apache2/modules/mod_proxy_wstunnel.so
   
   ProxyRequests       Off
   ProxyPreserveHost   On
   ProxyPass           /app/subscriptions ws://localhost:8111/app/subscriptions connectiontimeout=240 timeout=1200
   ProxyPassReverse    /app/subscriptions ws://localhost:8111/app/subscriptions
   
   ProxyPass           / http://localhost:8111/ connectiontimeout=240 timeout=1200
   ProxyPassReverse    / http://localhost:8111/
   
   ## The following entries are required to allow the Agent Terminal feature to function with websockets
   ProxyPass           /plugins/teamcity-agent-terminal/ ws://localhost:8111/plugins/teamcity-agent-terminal/ connectiontimeout=240 timeout=1200
   ProxyPassReverse    /plugins/teamcity-agent-terminal/ ws://localhost:8111/plugins/teamcity-agent-terminal/
   
   ProxyPass           /app/agentTerminal/ ws://localhost:8111/app/agentTerminal/ connectiontimeout=240 timeout=1200
   ProxyPassReverse    /app/agentTerminal/ ws://localhost:8111/app/agentTerminal/


**Problem**

Now Https seems to be working except for the fact, I get a warning in teamcity:
Proxy server configuration
Requests with incorrect HTTP proxy configuration are detected.
Insecure Tomcat connector attributes:
Request by USER_REDACTED from IP_REDACTED
See teamcity-server.log for details.

   [2024-04-19 12:50:56,328]   WARN -   jetbrains.buildServer.SERVER - Incorrect proxy server configuration detected: Insecure Tomcat connector attributes (missing secure attributes.). Details: Tomcat connector configuration missing one of secure="true" and scheme="https" attributes.). Request: POST '/proxyCheck.html?browserLocationHost=teams.MY_DOMAIN_REDACTED.net.br', from client REDACTED (127.0.0.1:34542), client: AJAX-Prototype, authenticated as user with id=1

Votes

0

Share

1 comment
Avatar
Anton Vakhtel
Created
Hi,

Please make sure that the Tomcat is also configured as described in the documentation: https://www.jetbrains.com/help/teamcity/configuring-proxy-server.html#TeamCity+Tomcat+Configuration.
I.e., you need to change the "Connector" node in <TeamCity Home>/conf/server.xml file. When the public server address is HTTPS, use the `secure="true"` and `scheme="https"` attributes.

Best regards,
Anton
0

Please sign in to leave a comment.