3 Replies Latest reply on Oct 14, 2010 2:22 PM by Umesh R

    How to configure JBoss to use Tibco JMS over SSL

    Rama Krishna Sarraju Newbie

      Hi ,

       

      Can someone please send me the procedure/steps to configure JBoss to use remote Tibco EMS JMS Provider over SSL.

       

      I have already referred to the following link and was able to configure JBOSS to use local Tibco JMS ( JBOSS and Tibco EMS exist on same box) over TCP :

      http://community.jboss.org/wiki/IntegrationWithTibcoEMS?decorator=print

       

      Any help in this regard is highly appreciated.

       

      Thanks & Regards,

      RamaKrishna

        • 1. Re: How to configure JBoss to use Tibco JMS over SSL
          Clebert Suconic Master

          That's probably more of a question to Tibco?

           

           

          This forum is about JBoss-Messaging. (A project which is a previous version of HornetQ).

          • 2. Re: How to configure JBoss to use Tibco JMS over SSL
            Rama Krishna Sarraju Newbie

            Agree. I was not able to find relavent Tibco document. Now i found it and I am trying it out.

             

            Posted in this forum just to get pointers like the  following link which was extremely helpful :

             

            http://community.jboss.org/wiki/IntegrationWithTibcoEMS?decorator=print

             

            The above link has everything except SSL configuration. If some body can update it , that would be a great help for many people

            • 3. Re: How to configure JBoss to use Tibco JMS over SSL
              Umesh R Newbie

              If you are configuring tibco jms using ldap and SSL, your jms-ds (~/jboss-5.1.0.GA/server/default/deploy/messaging/jms-ds.xml) mbean entires would look like this

               

              <mbean code="org.jboss.jms.jndi.JMSProviderLoader"
                      name=":service=JMSProviderLoader,name=TibjmsProvider">
                  <attribute name="ProviderName">TIBCOJMSProvider</attribute>
                  <attribute name="ProviderAdapterClass">org.jboss.jms.jndi.JNDIProviderAdapter</attribute>
                  <!--
                   add ldap path to myqueue factory
                  -->
                  <attribute name="QueueFactoryRef">CN=prod,OU=myappid,OU=ConnectionFactory,OU=myqueuename</attribute>
                  <attribute name="TopicFactoryRef">XAMyTopicConnectionFactory</attribute>
                  <attribute name="Properties">
                      java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
                  <!--
                    add ldap server url
                      -->
                      java.naming.provider.url=myldapurl
                  </attribute>
                </mbean>

                 <mbean code="org.jboss.naming.NamingAlias"
                              name="DefaultDomain:service=NamingAlias,fromName=TopicConnectionFactory">
                  <attribute name="ToName">tibjmsnaming://localhost/XAMyTopicConnectionFactory</attribute>
                  <attribute name="FromName">MyTopicConnectionFactory</attribute>
                </mbean>

               

                 <mbean code="org.jboss.naming.NamingAlias"
                              name="DefaultDomain:service=NamingAlias,fromName=QueueConnectionFactory">
                  <attribute name="ToName">tibjmsnaming://localhost/QueueConnectionFactory</attribute>
                  <attribute name="FromName">MyQueueConnectionFactory</attribute>
                </mbean>

                  <mbean code="org.jboss.naming.NamingAlias"
                              name="DefaultDomain:service=NamingAlias,fromName=MyQueue">
                  <!--
                   add ldap path to myqueue destination
                  -->
                  <attribute name="ToName">CN=prod,OU=Destination,OU=myqueuename</attribute>
                  <attribute name="FromName">jms/MyQueue</attribute>
                </mbean>

               


              Normally the cert and key path is configured in ldap(atleast in my case).  Make tibco debug trace enabled so that it will print the cert path in the logs when it throws error if it is not finding the cert path. Place your ca.crt.pem and .p12 files there. The tibco debug trace can be enabled by setting respective system properties, i.e. by adding following entry to $JBOSS_HOME/server/default/deploy/properties-service.xml
                
                <attribute name="Properties">
                      com.tibco.tibjms.debug=true
                      com.tibco.tibjms.ssl.debug.trace=true
                      com.tibco.tibjms.ssl.trace=true
                 </attribute>

               

              Make sure to add tibjms.jar, tibcrypt.jar to $JBOSS_HOME/server/default/lib. Btw, the setup did is for jboss-5.1.0.GA