It is common within acutely sensitive development environments to incorporate SSL between the different tiers of TFS. Generally, the approach to do this is to modify the configuration to leverage the AT (Application Tier), and then we modify the configuration for the build server to use SSL as well. When this is done, you will notice that 9 times out of 10 that you can browse to the SSL site via FQDN to the builder server agent service. The certificate will even look like the application took correctly. However, you will get the error:
The request failed with an HTTP status 403: Forbidden
To get around this, do three steps:
1) Open the build service configuration file located at Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\tfsbuildservice.exe.config, change the value of AllowedTeamServer to the URL of your TFS. Changing http for https in the value should work.
2) Search the registry for AllowedTeamServer and change the value of all occurrences you find.
3) Restart the build service.
Then you should be good to go!