Question
JMS on Tomcat with SSL
We are using JMS on Tomcat. Everything works fine with tcp but listeners won’t work with SSL. Any thoughts on crucial steps what we might be missing? Appreciate your help.
***Updated by moderator: Lochan to add Categories***
What is your JMS provider? What is your pega version? What type of listeners are you using? (e.g., MQ listener, or ActiveMQ JMS listener?)
JMS Provider is Tibco. Pega version 7.2.2
Can you attach the complete logs what kinds of SSL errors you are seeing? I wonder if it has to do with generic SSL truststore setup errors.
Quick update on this. Following changes fixed our issue.
- Following custom properties on JNDI Server rule
- com.tibco.tibjms.naming.security_protocol = ssl
- com.tibco.tibjms.naming.ssl_enable_verify_host = false
- com.tibco.tibjms.ssl.enable_verify_hostname = false
- com.tibco.tibjms.ssl.vendor = entrust
- Earlier we have imported the vendor JAR files to DB using import wizard, prior to placing them under /opt/apache-tomcat/webapps/prweb/WEB-INF/lib (our path, this may vary for others), we had to remove these records in the DB from pr_engine_classes table.
Thanks for sharing this. Looks like you got all the info from Tibco docs, right? e.g., the javadoc: https://docs.tibco.com/pub/enterprise_message_service/7.0.1-march-2013/…. Also the reason you had to pull the jars out of pega database is due to some conflicts?
Hi,
Could you please share what are the errors you are getting in logs ?