What are the Steps to configure TIBCO EMS over SSL using external certificates in BW
Article ID: KB0092577
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | - |
| Not Applicable | - |
Description
Resolution:
Here are the steps:
1- Create a new project.
2- Create a new folder (named certificates)
3- Import \TIBCO\ems\bin\certs\server.cert.pem and server_root.cert.pem into the folder created in step 2 (certificates)
4- Copy C:\TIBCO\ems\bin\certs\client_identity.p12 over your project file. Create an Identity using .p12 file file. Password is “password”.
5- Create a JMS connection. Check the SSL.
6- Select SSL Configuration button.
7- Select certificate folder and identify from steps 2 and 3.
8- De-select Verify Host Name from Advance tab.
9- Enter JNDI Factory and URL.
Test connection – it works.
Now follow these steps for using external certificate:
10- Add a global Variable named “BW_GLOBAL_TRUSTED_CA_STORE”
11- Add the location of your external certificates. Don’t include certificate name.
For example, if save your certificate in c:/temp/certs, then add value "file:///c:/temp/certs"for the above global variable.
12- Copy the certificates into c:/temp/certs.
13- Delete the certificates from step 3. DO NOT delete the folder, just the files. The reason is “The Trusted Certificate Folder”
On SSL Configure page is required so we want to keep the folder so “The Trusted Certificate Folder” still points to a valid folder but
The value of “BW_GLOBAL_TRUSTED_CA_STORE” will override it.
14- Save your work.
15- Exit the Designer. There is a caching issue.
16- Restart Designer and test the connection.
A sample project file is attached
Here are the steps:
1- Create a new project.
2- Create a new folder (named certificates)
3- Import \TIBCO\ems\bin\certs\server.cert.pem and server_root.cert.pem into the folder created in step 2 (certificates)
4- Copy C:\TIBCO\ems\bin\certs\client_identity.p12 over your project file. Create an Identity using .p12 file file. Password is “password”.
5- Create a JMS connection. Check the SSL.
6- Select SSL Configuration button.
7- Select certificate folder and identify from steps 2 and 3.
8- De-select Verify Host Name from Advance tab.
9- Enter JNDI Factory and URL.
Test connection – it works.
Now follow these steps for using external certificate:
10- Add a global Variable named “BW_GLOBAL_TRUSTED_CA_STORE”
11- Add the location of your external certificates. Don’t include certificate name.
For example, if save your certificate in c:/temp/certs, then add value "file:///c:/temp/certs"for the above global variable.
12- Copy the certificates into c:/temp/certs.
13- Delete the certificates from step 3. DO NOT delete the folder, just the files. The reason is “The Trusted Certificate Folder”
On SSL Configure page is required so we want to keep the folder so “The Trusted Certificate Folder” still points to a valid folder but
The value of “BW_GLOBAL_TRUSTED_CA_STORE” will override it.
14- Save your work.
15- Exit the Designer. There is a caching issue.
16- Restart Designer and test the connection.
A sample project file is attached
Issue/Introduction
What are the Steps to configure TIBCO EMS over SSL using external certificates in BW
Attachments
Feedback
Yes
No
Powered by
