Yes. And, the documentation for this feature in 16.7.0 is here <https://docs.go.cd/16.7.0/installation/ssl_tls/end_to_end_transport_security.html> .
On Thu, Jul 28, 2016 at 3:38 PM, David Rice <[email protected]> wrote: > This PR at https://github.com/gocd/gocd/pull/2236 has been merged and, I > believe, will be in the 16.7 release which is due out any day now. > > -David > > On Thu, Jul 28, 2016 at 12:03 PM Jarrett Lee <[email protected]> wrote: > >> The company I work for has a hard requirement on any traffic that crosses >> major network boundaries be encrypted. We have GoCD Servers in special >> zones that are accessible to our developers' workstations and GoCD Agents >> in every zone, including those that are not accessible to developers' >> workstations. This means we have a hard requirement on GoCD Agent to GoCD >> Server communication being fully encrypted, but it is not. We do understand >> what is being sent by HTTP and agree what it poses little to no risk, but >> our policy governing inter-zone communication is non-negotiable. >> >> Currently we have GoCD Agents communicating with the server by wrapping >> the comms in stunnel, which works, but has proven to be fragile. We wish to >> remove stunnel to improve stability of the service we are offering the devs. >> >> How can we get rid of the initial communication that occurs over HTTP >> (defaults to 8153) or move that communication to HTTPS? >> >> This must be possible. Is it already baked into newer versions (we are on >> 15.2) and is a simple configuration option? If not, is it on the >> development backlog somewhere? If it's not available currently or planned, >> why is it not planned? Our investment in keeping stunnel working is >> becoming so costly, we have considered contributing code to add this and >> other features. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "go-cd" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
