TeamCity build agent becomes disconnected after adding self-signed https certificate to teamcity

Question 1

The build agent works as a client to the build server and communicates with it using http/https, and it turns out that when you add a self-signed certificate the build agent does not accept it.

I needed to

Let the build agent know the new path for communicating with the server
Let the build agent know that it could trust the self-signed certificate

To change the path I did the following (see this post for more details )

Locate the file:
$TEAMCITY_HOME/buildAgent/conf/buildAgent.properties

Change the property
serverUrl=http:\://localhost\:8080 to your new url

To let the build agent know that it could trust the new certificate I had to import it into the build agent's key store.This was done using keytool:

keytool -importcert -file <cert file>  
        -keystore <agent installation path>/jre/lib/security/cacerts

( unless you've changed it, the keystore is protected by password: changeit)

The TeamCity team describes this process in slightly more details here

NOTE
If you need to retrieve your certificate from the TeamCity buildserver keystore, you can also use keytool to do this :

keytool -export -alias <alias name>  
        -file <certificate file name> 
        -keystore <Teamcity keystore path>

Question 2

Here is a link to the TeamCity v8 documentation on the keytool.

I was doing this on a Windows Build Agent and had a self-signed SSL cert on my Amazon Linux Build Server. Here were the steps I took:

Went to build server in browser on Build Agent i.e. https://teamcity.example.com
Clicked on the certificate error in the URL and downloaded the cert to the local machine
Exported the certificate from the certificate explorer in windows into a cer file.

Used the keytool exactly as specified in the documentation

> keytool -importcert -file <cert file where it was exported to> 
  -keystore <path to JRE installation>/lib/security/cacerts
password: changeit

Restarted the build agent and viola!