How to run .NET SSL sample using file based certificates from the client side in EMS.
Article ID: KB0087069
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| Not Applicable | - |
Description
Resolution:
To run .NET SSL sample in EMS 4.4 and later, add the trusted certificates into the "Trusted Root Certification Authorities" through the Microsoft Management Console (MMC).
The root certificate needs to be installed in the Microsoft certificate store. This is required by Microsoft. The EMS .NET API:storeInfo.SetSSLTrustedCertificate() can later be used to specify specific certificates. For example, you may have ten certificates having the same root but you may want to only trust a specific certificate. The storeInfo.SetSSLTrustedCertificate API can be used for that. Note that you only need to import the root certificate to the Microsoft certificate store, not all the certificates issued by the root. For example, if using the certificates provided by EMS, do the following to add the trusted certificate server_root.cert.pem.
1). On the Windows machine, click start -> Run , type "mmc" to start the Microsoft management Console (MMC).
2). In MMC, click File -> Add/Remove Snap-in...
3). In the Add/Remove Snap-in window, click Add. In the "Add Standalone Snap-in" pop up window, select "Certificates" to add. In the "Certificates snap-in" pop up window, select "My user account" and click "Finish". Then close those pop up windows.
4). In Console Root, expand "Certificates - Current User" -> Trusted Root Certification Authorities. Right click Certificates and click "All Tasks" -> Import...
Note: On some versions of Windows (for example: Windows 7, Windows 2008 ), you need to import the trusted certificate into the Local Computer of Trusted Root Certification Authorities due to the Windows machines default domain policy.
5). In the Certificate Import Wizard, click Browse and select server_root.cert.pem. Since it looks for *.cer files by default, it will be convenient to copy server_root.cert.pem to server_root.cer first. Click "Next" and select Place all certificates in the following store: Trusted Root certification Authorities. Click "Next" and "Finish".
6). Make sure "server_root" is added in the Certificates list.
You do not need to specify the trusted certificates in the .NET SSL program after importing the trusted certificates into the "Trusted Root Certification Authorities" through the Microsoft Management Console (MMC). Then you can run the .NET SSL sample program.
To run .NET SSL sample in EMS 4.4 and later, add the trusted certificates into the "Trusted Root Certification Authorities" through the Microsoft Management Console (MMC).
The root certificate needs to be installed in the Microsoft certificate store. This is required by Microsoft. The EMS .NET API:storeInfo.SetSSLTrustedCertificate() can later be used to specify specific certificates. For example, you may have ten certificates having the same root but you may want to only trust a specific certificate. The storeInfo.SetSSLTrustedCertificate API can be used for that. Note that you only need to import the root certificate to the Microsoft certificate store, not all the certificates issued by the root. For example, if using the certificates provided by EMS, do the following to add the trusted certificate server_root.cert.pem.
1). On the Windows machine, click start -> Run , type "mmc" to start the Microsoft management Console (MMC).
2). In MMC, click File -> Add/Remove Snap-in...
3). In the Add/Remove Snap-in window, click Add. In the "Add Standalone Snap-in" pop up window, select "Certificates" to add. In the "Certificates snap-in" pop up window, select "My user account" and click "Finish". Then close those pop up windows.
4). In Console Root, expand "Certificates - Current User" -> Trusted Root Certification Authorities. Right click Certificates and click "All Tasks" -> Import...
Note: On some versions of Windows (for example: Windows 7, Windows 2008 ), you need to import the trusted certificate into the Local Computer of Trusted Root Certification Authorities due to the Windows machines default domain policy.
5). In the Certificate Import Wizard, click Browse and select server_root.cert.pem. Since it looks for *.cer files by default, it will be convenient to copy server_root.cert.pem to server_root.cer first. Click "Next" and select Place all certificates in the following store: Trusted Root certification Authorities. Click "Next" and "Finish".
6). Make sure "server_root" is added in the Certificates list.
You do not need to specify the trusted certificates in the .NET SSL program after importing the trusted certificates into the "Trusted Root Certification Authorities" through the Microsoft Management Console (MMC). Then you can run the .NET SSL sample program.
Issue/Introduction
How to run .NET SSL sample using file based certificates from the client side in EMS.
Feedback
Yes
No
Powered by
