How to configure a SSL connection between TIBCO ActiveMatrix(R) Adapter for WebSphere MQ and TIBCO Enterprise Message Service.
Article ID: KB0089943
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix Adapter for Websphere MQ | - |
| Not Applicable | - |
Description
Resolution:
Description:
=====================
How to configure a SSL connection between TIBCO ActiveMatrix(R) Adapter for WebSphere MQ and TIBCO Enterprise Message Service.
Environment:
=====================
TIBCO ActiveMatrix(R) Adapter for WebSphere MQ 5.x, 6.x
Resolution:
=========
1). Open a new project and configure an adapter instance with JMS as the transport type.
2). Create a new folder under the project root.
3). Select the folder created in the above step.
4). Select “Tools->Trusted Certificates->Import into PEM format” in designer.
5). Import the following files into the folder created in the step 2:
a). client.cert.pem
b). client_root.cert.pem
c). server.cert.pem
d). server_root.cert.pem
These files are at <jms_home>/version/samples/certs. E.g. c:\tibco\ems\5.0\samples\certs
6). Now create an identity for these certificates. To create the identity, go to project root under general palattes and drag the identity palette.
7). While configuring the identity specify the following,
a). Type --Identity File
b). Url--browse for <jms_home>/samples/certs/client_identity file
c). File Type--PKCS12
d). Password--password.
e). Click “apply”
8). Go to JMS Session under the advanced folder of the adapter configured and check the Use SSL check box and then browse for configure SSL.
9). Specify the following values to configure SSL.
a). Basic Tab
i). Trusted Certificates Folder – specify the folder created in step 1
ii).Identity – specify the identity file created in step 6
b). Advanced Tab
i). Uncheck the Verify Host Name option
Apply the configuration.
After completing step 9 Configuration of the SSL Session, start the JMS server with the SSL configuration to run adapter with SSL.
The following is the configuration for JMS Server with SSL:
1). Go to EMS installation path, find tibems.conf file in bin folder and open it with notepad.
2). Add “listen” property with “ssl://7243”, e.g. listen = ssl://7243
3). Set following parameters:
ssl_server_identity = certs/server.cert.pem
ssl_server_key = certs/server.key.pem
ssl_password = password
ssl_server_trusted = certs/client_root.cert.pem
4). Go to EMS Server installation path and find bin folder in command prompt. E.g. c:\tibco\ems\5.0\bin
5). Start SSL for EMS Server by entering the command “tibemsd –config tibems.conf” in the command prompt.
After you complete configuration on the adapter side and the EMS Server side as outlined abobe, you could run the Adapter with a SSL connection with EMS Server.
References:
===========
More information is available from EMS document. The related information is in “User’s Guide->Chapter 17 Using the SSL Protocol”.
Description:
=====================
How to configure a SSL connection between TIBCO ActiveMatrix(R) Adapter for WebSphere MQ and TIBCO Enterprise Message Service.
Environment:
=====================
TIBCO ActiveMatrix(R) Adapter for WebSphere MQ 5.x, 6.x
Resolution:
=========
1). Open a new project and configure an adapter instance with JMS as the transport type.
2). Create a new folder under the project root.
3). Select the folder created in the above step.
4). Select “Tools->Trusted Certificates->Import into PEM format” in designer.
5). Import the following files into the folder created in the step 2:
a). client.cert.pem
b). client_root.cert.pem
c). server.cert.pem
d). server_root.cert.pem
These files are at <jms_home>/version/samples/certs. E.g. c:\tibco\ems\5.0\samples\certs
6). Now create an identity for these certificates. To create the identity, go to project root under general palattes and drag the identity palette.
7). While configuring the identity specify the following,
a). Type --Identity File
b). Url--browse for <jms_home>/samples/certs/client_identity file
c). File Type--PKCS12
d). Password--password.
e). Click “apply”
8). Go to JMS Session under the advanced folder of the adapter configured and check the Use SSL check box and then browse for configure SSL.
9). Specify the following values to configure SSL.
a). Basic Tab
i). Trusted Certificates Folder – specify the folder created in step 1
ii).Identity – specify the identity file created in step 6
b). Advanced Tab
i). Uncheck the Verify Host Name option
Apply the configuration.
After completing step 9 Configuration of the SSL Session, start the JMS server with the SSL configuration to run adapter with SSL.
The following is the configuration for JMS Server with SSL:
1). Go to EMS installation path, find tibems.conf file in bin folder and open it with notepad.
2). Add “listen” property with “ssl://7243”, e.g. listen = ssl://7243
3). Set following parameters:
ssl_server_identity = certs/server.cert.pem
ssl_server_key = certs/server.key.pem
ssl_password = password
ssl_server_trusted = certs/client_root.cert.pem
4). Go to EMS Server installation path and find bin folder in command prompt. E.g. c:\tibco\ems\5.0\bin
5). Start SSL for EMS Server by entering the command “tibemsd –config tibems.conf” in the command prompt.
After you complete configuration on the adapter side and the EMS Server side as outlined abobe, you could run the Adapter with a SSL connection with EMS Server.
References:
===========
More information is available from EMS document. The related information is in “User’s Guide->Chapter 17 Using the SSL Protocol”.
Issue/Introduction
How to configure a SSL connection between TIBCO ActiveMatrix(R) Adapter for WebSphere MQ and TIBCO Enterprise Message Service.
Feedback
Yes
No
Powered by
