7 Configuring JMS over SSL
Parent topic: 7 Configuring JMS over SSL

7.1 Configuring JMS over SSL in Connect (TIBCO)

Required Jars for JMS Configuration

In order to cofnigure JMS using TIBCO, you will require the following jars:

  • jms-2.0.jar
  • slf4j-api-1.4.2.jar
  • slf4j-simple-1.4.2.jar
  • tibcrypt.jar
  • tibemsd_sec.jar
  • tibjms.jar
  • tibjmsadmin.jar
  • tibjmsapps.jar
  • tibjmsufo.jar
  • tibrvjms.jar

These jars should be provided to you from your MQ team.

Configuring JMS Using TIBCO

To configure JMS using TIBCO:
  1. On the CONNECT internal node, create a folder called 'jms' in kc/import and copy the above .jar files into this directory
  2. Append the classpath in crm.env to include all of the above files
  3. Copy the appropriate certificates to kc/import (client_identify.p12 and server_root.cert.pem)
  4. Create a text file called jndi.properties in the /kc directory and copy the following text. This edits the certificate and identifies locations to point to appropiate path: 
                                com.tibco.tibjms.naming.security_protocol=ssl
                            com.tibco.tibjms.naming.ssl_enable_verify_host=false
                            com.tibco.tibjms.naming.ssl_enable_verify_hostname=false
                            com.tibco.tibjms.naming.ssl_vendor=j2se
                            com.tibco.tibjms.naming.ssl_expected_hostname=server
                            com.tibco.tibjms.naming.ssl_identity=d:/client_identity.p12 (Edit path and name)
                            com.tibco.tibjms.naming.ssl_password=password
                            com.tibco.tibjms.naming.ssl_trusted_certs=d:/server_root.cert.pem (Edit path and name)
                            #DEBUG
                            com.tibco.tibjms.naming.ssl_trace=true
                            com.tibco.tibjms.naming.ssl_debug_trace=true
                            com.tibco.tibjms.debug=true
                            com.tibco.tibjms.ssl.debug.trace=true
                            com.tibco.tibjms.ssl.trace=true
  5. Copy the Java Cryptography Extension (JCE) Unlimited Strength Jursidiction Policy files for Java 7 (local_policy.jar and US_export_policy.jar) to the inside nodes Java directory kc/java/lib/security .

    The files can be downloaded from http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html.

  6. Restart the runmonitor.sh process:
    1. As root run /etc/rc3.d/S80Connect stop
    2. Run /etc/rc3.d/S80Connect start
  7. Create the Connection Factory in Connect
  8. Restart all the Connect nodes through the UI
  9. Start the Connection Factory in Connect
Parent topic: 7 Configuring JMS over SSL
WebHelp output generated byXML Author