In the TCM web UI, go to the 'Authentication' screen and select 'Create Role'. Provide a Role Name, and select the FTL service. Also ensure this role is entitled to publish messages. Finally, select 'channel' under the 'Accessible Channels' section.
When you are returned to the Authentication screen, you should now see the role you created in your role list. In the 'Configuration File' column, select the option to download the role configuration file (tcm-config.yaml). This file contains the authentication key for this role, as well as the connection details for the FTL TCM service.
The tcm-config.yaml contains the TCM FTL server's public certificate, which is the value of 'ftl_certificate'. As noted in the TCM Help: "The value of ftl_certificate is a PEM string encoded to fit on a single line. Replace the \n substring with a newline character to obtain a legal PEM string." To perform this replacement, you may open the tcm-config.yaml in a text editor such as Notepad++. Find the 'ftl_certificate' value. For example:
ftl_certificate: -----BEGIN CERTIFICATE-----\nMIH4MIGwoAMCAQICBGI4lkYwCgYIKoZIzj0EAwQwFTETMBEGA1UEAwwKVENNIFNl\ncnZlcjAeFw0yMjAzMjExNTE0MTRaFw0yMzAzMjExNTE0MTRaMBUxEzARBgNVBAMM\nClRDTSBTZXJ2ZXIwSTATBgcqhkjOPQIBBggqhkjOPQMABQMyAAQpejPPFUx6zFhA\n lLLhKHCd9DwJriMBxFUk2Pz/aFA4RsFjQ+MjhBCPFXwGS03vaVcwCgYIKoZIzj0E\nAwQDNwAwNAIYHFTbEQnGWHvyBeTmsxb16h+t/Qc7tnH2Ahg4dUmJ5ED6UBAUdHj4\n64KRNRYBP+5rjog=\n-----END CERTIFICATE-----\n
Copy the value, and paste it into a new file named 'ftl-trusted.pem'. Then replace any newline markers (\n) with actual new lines. The result would look like this:
-----BEGIN CERTIFICATE-----
MIH4MIGwoAMCAQICBGI4lkYwCgYIKoZIzj0EAwQwFTETMBEGA1UEAwwKVENNIFNl
cnZlcjAeFw0yMjAzMjExNTE0MTRaFw0yMzAzMjExNTE0MTRaMBUxEzARBgNVBAMM
ClRDTSBTZXJ2ZXIwSTATBgcqhkjOPQIBBggqhkjOPQMABQMyAAQpejPPFUx6zFhA
lLLhKHCd9DwJriMBxFUk2Pz/aFA4RsFjQ+MjhBCPFXwGS03vaVcwCgYIKoZIzj0E
AwQDNwAwNAIYHFTbEQnGWHvyBeTmsxb16h+t/Qc7tnH2Ahg4dUmJ5ED6UBAUdHj4
64KRNRYBP+5rjog=
-----END CERTIFICATE-----
This is now a valid PEM-formatted certificate. Place your 'ftl-trusted.pem' certificate in a known directory on your system (e.g. C:/trusted/ftl-trusted.pem).
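The extraction and \n replacement described above can also be scripted, which avoids hand-editing mistakes such as a stray space after a \n marker. The following Python is an added example, not part of the original article or of TIBCO's tooling; the function names and the sample configuration are constructed for illustration, and it assumes 'ftl_certificate' sits on a single line as shown above.

```python
import base64
import hashlib
import re
import textwrap

PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"


def extract_ftl_certificate(config_text):
    """Return the raw single-line ftl_certificate value from tcm-config.yaml text."""
    match = re.search(r"^\s*ftl_certificate:\s*(.+?)\s*$", config_text, re.MULTILINE)
    if match is None:
        raise ValueError("ftl_certificate key not found")
    return match.group(1).strip("'\"")


def to_pem(single_line_value):
    """Turn the literal two-character \\n markers into newlines and validate."""
    lines = [ln.strip() for ln in single_line_value.replace("\\n", "\n").splitlines()]
    lines = [ln for ln in lines if ln]  # drop blanks left by a trailing \n marker
    if len(lines) < 3 or lines[0] != PEM_BEGIN or lines[-1] != PEM_END:
        raise ValueError("value is not a single PEM certificate")
    # validate=True rejects anything outside the base64 alphabet (e.g. a leftover backslash)
    der = base64.b64decode("".join(lines[1:-1]), validate=True)
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode("ascii"), 64))
    return f"{PEM_BEGIN}\n{body}\n{PEM_END}\n", der


def sha256_fingerprint(der):
    """Colon-separated SHA-256 of the DER bytes, for comparison with keytool -list -v."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


# Constructed sample (not a real certificate): 120 arbitrary bytes, base64-encoded,
# joined with literal \n markers and stray spaces, as in a hand-copied value.
_SAMPLE_DER = bytes(range(120))
_b64 = textwrap.wrap(base64.b64encode(_SAMPLE_DER).decode("ascii"), 64)
SAMPLE_CONFIG = (
    "ftl_url: https://example.invalid:443\n"
    "ftl_certificate: " + PEM_BEGIN + "\\n" + "\\n ".join(_b64) + "\\n" + PEM_END + "\\n\n"
)

if __name__ == "__main__":
    pem, der = to_pem(extract_ftl_certificate(SAMPLE_CONFIG))
    print(pem, end="")
    print("SHA-256:", sha256_fingerprint(der))
```

To use it on a real file, pass the contents of tcm-config.yaml to extract_ftl_certificate and write the returned PEM text to ftl-trusted.pem.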
Next, you will need to import the 'ftl-trusted.pem' trusted certificate into a trust store. To do this, you may use the Java keytool command-line utility. For example:
keytool -import -trustcacerts -alias tcmftl -file ftl-trusted.pem -keystore truststore.p12 -storetype PKCS12 -storepass secret -noprompt
When run from C:\trusted\, this will create a trust store named 'truststore.p12' in that directory, secured with the password 'secret'.
In Studio, create an Identity Resource (under the SharedResources folder) to reference the trust store you created. Go to File > New > Other > TIBCO Shared Resources > Identity Resource. Provide a name for the Identity file (e.g. TCM_FTL_ID.id), and set the following properties:
- Type: Identity File
- URL: C:/trusted/truststore.p12
- Password: secret
Next, open the FTL Channel definition (or open the *.ftl connection resource if the FTL connection is configured as a separate resource file), and set the 'RealmServer' property to the value of the 'ftl_url' shown in your tcm-config.yaml. For example:
- RealmServer: https://tib-sub-******.messaging.cloud.tibco.com:12345
Also set additional properties:
- UserName: The value of 'tcm_authentication_id' from your tcm-config.yaml.
- Password: The value of 'tcm_authentication_key' from your tcm-config.yaml.
Then select 'Use SSL' and click the 'Configure SSL' button.
Set the 'Trust Type' to 'TrustFile', and set 'Identity' to the Identity resource you created above (/SharedResources/TCM_FTL_ID.id).
For the FTL Destinations you've defined in your FTL Channel definition file, set the following properties:
- Application Name: channel
- Endpoint Name: default
Note that the value for 'Application Name' comes from the tcm-config.yaml file's 'ftl_application' line.
Your local BusinessEvents application is now configured to publish messages to your TCM FTL service.