JBoss Community

Re: How to configure JBoss to use Tibco JMS over SSL

created by Umesh R in JBoss Messaging - View the full discussion

If you are configuring tibco jms using ldap and SSL, your jms-ds (~/jboss-5.1.0.GA/server/default/deploy/messaging/jms-ds.xml) mbean entires would look like this

 

<mbean code="org.jboss.jms.jndi.JMSProviderLoader"
        name=":service=JMSProviderLoader,name=TibjmsProvider">
    <attribute name="ProviderName">TIBCOJMSProvider</attribute>
    <attribute name="ProviderAdapterClass">org.jboss.jms.jndi.JNDIProviderAdapter</attribute>
    <!--
     add ldap path to myqueue factory
    -->
    <attribute name="QueueFactoryRef">CN=prod,OU=myappid,OU=ConnectionFactory,OU=myqueuename</attribute>
    <attribute name="TopicFactoryRef">XAMyTopicConnectionFactory</attribute>
    <attribute name="Properties">
        java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
    <!--
      add ldap server url
        -->
        java.naming.provider.url=myldapurl
    </attribute>
  </mbean>

   <mbean code="org.jboss.naming.NamingAlias"
                name="DefaultDomain:service=NamingAlias,fromName=TopicConnectionFactory">
    <attribute name="ToName">tibjmsnaming://localhost/XAMyTopicConnectionFactory</attribute>
    <attribute name="FromName">MyTopicConnectionFactory</attribute>
  </mbean>

 

   <mbean code="org.jboss.naming.NamingAlias"
                name="DefaultDomain:service=NamingAlias,fromName=QueueConnectionFactory">
    <attribute name="ToName">tibjmsnaming://localhost/QueueConnectionFactory</attribute>
    <attribute name="FromName">MyQueueConnectionFactory</attribute>
  </mbean>

    <mbean code="org.jboss.naming.NamingAlias"
                name="DefaultDomain:service=NamingAlias,fromName=MyQueue">
    <!--
     add ldap path to myqueue destination
    -->
    <attribute name="ToName">CN=prod,OU=Destination,OU=myqueuename</attribute>
    <attribute name="FromName">jms/MyQueue</attribute>
  </mbean>

 


Normally the cert and key path is configured in ldap(atleast in my case).  Make tibco debug trace enabled so that it will print the cert path in the logs when it throws error if it is not finding the cert path. Place your ca.crt.pem and .p12 files there. The tibco debug trace can be enabled by setting respective system properties, i.e. by adding following entry to $JBOSS_HOME/server/default/deploy/properties-service.xml
  
  <attribute name="Properties">
        com.tibco.tibjms.debug=true
        com.tibco.tibjms.ssl.debug.trace=true
        com.tibco.tibjms.ssl.trace=true
   </attribute>

 

Make sure to add tibjms.jar, tibcrypt.jar to $JBOSS_HOME/server/default/lib. Btw, the setup did is for jboss-5.1.0.GA

Reply to this message by going to Community

Start a new discussion in JBoss Messaging at Community