Question
Telstra
AU
Last activity: 21 May 2017 22:17 EDT
JMS on Tomcat with SSL
We are using JMS on Tomcat. Everything works fine with tcp but listeners won’t work with SSL. Any thoughts on crucial steps what we might be missing? Appreciate your help.
***Updated by moderator: Lochan to add Categories***
Pegasystems Inc.
IN
Hi,
Could you please share what are the errors you are getting in logs ?
Pegasystems Inc.
US
What is your JMS provider? What is your pega version? What type of listeners are you using? (e.g., MQ listener, or ActiveMQ JMS listener?)
Telstra
AU
JMS Provider is Tibco. Pega version 7.2.2
Pegasystems Inc.
US
Can you attach the complete logs what kinds of SSL errors you are seeing? I wonder if it has to do with generic SSL truststore setup errors.
Telstra
AU
Quick update on this. Following changes fixed our issue.
- Following custom properties on JNDI Server rule
- com.tibco.tibjms.naming.security_protocol = ssl
- com.tibco.tibjms.naming.ssl_enable_verify_host = false
- com.tibco.tibjms.ssl.enable_verify_hostname = false
- com.tibco.tibjms.ssl.vendor = entrust
- Earlier we have imported the vendor JAR files to DB using import wizard, prior to placing them under /opt/apache-tomcat/webapps/prweb/WEB-INF/lib (our path, this may vary for others), we had to remove these records in the DB from pr_engine_classes table.
Pegasystems Inc.
US
Thanks for sharing this. Looks like you got all the info from Tibco docs, right? e.g., the javadoc: https://docs.tibco.com/pub/enterprise_message_service/7.0.1-march-2013/doc/html/tib_ems_api_reference/api/javadoc/com/tibco/tibjms/naming/TibjmsContext.html. Also the reason you had to pull the jars out of pega database is due to some conflicts?