IBM® UrbanCode™ Build servers and agents communicate over HTTP and Java Message Service (JMS) protocols. JMS is used for basic commands and information that are exchanged between the server and an agent. Typically, HTTP is used for file transfers between the server and an agent. For example, HTTP is used when an agent downloads a new plug-in or when an agent uploads or downloads version artifacts.
For JMS connections, IBM UrbanCode Build supports communication through SSL in two modes: unauthenticated and mutual authentication. In unauthenticated mode, communication is encrypted but users do not have to authenticate or verify their credentials. SSL unauthenticated mode can also be used for HTTP communication. You can implement this mode for HTTP communication during server or agent installation. You can also activate it afterward.
IBM UrbanCode Build automatically uses SSL in unauthenticated mode for JMS-based communications between the server and agents. You cannot disable SSL in unauthenticated mode, but you can enable mutual authentication for JMS-based server-agent communication.
In mutual authentication mode, servers and local agents each provide a digital certificate to one another. A digital certificate is a cryptographically signed document that is intended to assure others about the identity of the certificate's owner. IBM UrbanCode Build certificates are self-signed. When mutual authentication mode is active, IBM UrbanCode Build uses it for HTTP-based server, local agents communication.
In mutual authentication mode, the IBM UrbanCode Build server provides a digital certificate to each local agent, and each local agent provides one to the server.