How to Set "RuntimeCertificatesDirectory" to use SSL certificates from an external directory in TIBCO ActiveMatrix® Adapter for Files (Unix/Win)
Article ID: KB0079754
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks Plug-in for Files for Unix and Windows | - |
| Not Applicable | - |
Description
How to Set "RuntimeCertificatesDirectory" to use SSL certificates from an external directory in TIBCO ActiveMatrix® Adapter for Files (Unix/Win)
Issue/Introduction
How to Set "RuntimeCertificatesDirectory" to use SSL certificates from an external directory in TIBCO ActiveMatrix® Adapter for Files (Unix/Win)
Environment
Product: TIBCO ActiveMatrix® Adapter for Files (Unix/Win)
Version: 5.5.x, 5.6.x, 6.0.x, 6.1.x, 6.2.x
OS: All Supported Operating Systems
--------------------
Resolution
We can configure TIBCO ActiveMatrix Adapter for Files (Unix/Win) (FA) for SSL that can fetch the certificates at run time without importing them directly into the Designer project. FA supports external SSL files at run-time by allowing applications to reference externally trusted certificates placed in a location configured in RuntimeCertificatesDirectory.
The Global Variable 'RuntimeCertificatesDirectory' is a predefined global variable which Provides support for external SSL files at runtime by allowing applications to reference externally trusted certificates instead of using the certificate in the EAR file. Use this variable to specify the path of the directory in which all of the Trusted Certificates are stored.
Take note of the following setting the of GV (Runtime Directory variable) to Trusted Certificate Folders for configuring SSL:
1). The option, “java.property.EnableExternalCertificatesFeature true”, was set in the Designer.tra file.
2). Set the RuntimeCertificatesDirectory GV to the directory having only the required certificates. Example: If you set 'RuntimeCertificatesDirectory' GV to "C:\tibco\ems\6.0\samples\certs\certs701\Krishna_Certifcates", then the directory 'Krishna_Certifcates' must contain only the required certificate and no additional/other certificates.
3). In the JMS topic session while configuring SSL, use the variable RuntimeCertificatesDirectory for the Trusted Certificate Folders. Refer to the attached Screenshot. (Filename: TrustedCertificateFolder.jpg).
Sample Example project:
Refer to the attached sample FA project (Filename: RuntimeCertificatesDirectory.zip) which has the FA publisher using the JMS transport with SSL enabled. In the SSL Configuration Trusted Certificate Folder, configure the global variable 'RuntimeCertificatesDirectory' set to 'ExternalDirectoryPath' to use the SSL certificates from an external directory outside of the project.
The Global Variable 'RuntimeCertificatesDirectory' is a predefined global variable which Provides support for external SSL files at runtime by allowing applications to reference externally trusted certificates instead of using the certificate in the EAR file. Use this variable to specify the path of the directory in which all of the Trusted Certificates are stored.
Take note of the following setting the of GV (Runtime Directory variable) to Trusted Certificate Folders for configuring SSL:
1). The option, “java.property.EnableExternalCertificatesFeature true”, was set in the Designer.tra file.
2). Set the RuntimeCertificatesDirectory GV to the directory having only the required certificates. Example: If you set 'RuntimeCertificatesDirectory' GV to "C:\tibco\ems\6.0\samples\certs\certs701\Krishna_Certifcates", then the directory 'Krishna_Certifcates' must contain only the required certificate and no additional/other certificates.
3). In the JMS topic session while configuring SSL, use the variable RuntimeCertificatesDirectory for the Trusted Certificate Folders. Refer to the attached Screenshot. (Filename: TrustedCertificateFolder.jpg).
Sample Example project:
Refer to the attached sample FA project (Filename: RuntimeCertificatesDirectory.zip) which has the FA publisher using the JMS transport with SSL enabled. In the SSL Configuration Trusted Certificate Folder, configure the global variable 'RuntimeCertificatesDirectory' set to 'ExternalDirectoryPath' to use the SSL certificates from an external directory outside of the project.
Feedback
Yes
No
Powered by
