I am trying to establish an SSL communication with Tibco EMS. TCP communication is successful and I was able to publish a message. I am configuring it with JMS template. Below are the properties I have for communicating with Tibco.

#Tibco EMS Setup
tibco.ems.namingUrl=ssl://machineName:7223


##Tibco User name/pwd  
java.naming.security.principal=testUser
java.naming.security.credentials=testUser


##Tibco Configuration details SSLQueueConnectionFactory
ems.connectionFactory=SSLQueueConnectionFactory
ems.queueName=queueName
ems.contextFactory=com.tibco.tibjms.naming.TibjmsInitialContextFactory

Here is the code for the JMS template setup done in Spring.

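import java.util.Properties;

import javax.jms.ConnectionFactory;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.naming.NamingException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.jms.connection.TransactionAwareConnectionFactoryProxy;
import org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter;
import org.springframework.jms.core.JmsTemplate;
import org.springframework.jndi.JndiObjectFactoryBean;
import org.springframework.jndi.JndiTemplate;

import com.project.name.jms.QueueMessageSender;

@Configuration
public class JMSConfiguration {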

    @Autowired
    private Environment environment;

    @Bean
    public JndiTemplate jndiTemplate() throws JMSException {
        JndiTemplate jndiTemplate = new JndiTemplate();
        Properties jndiProps = new Properties();
        Properties props = System.getProperties();

        jndiProps.setProperty("java.naming.security.principal", environment.getProperty("java.naming.security.principal"));
        jndiProps.setProperty("java.naming.security.credentials", environment.getProperty("java.naming.security.credentials"));
        jndiProps.setProperty("java.naming.factory.initial", environment.getProperty("ems.contextFactory"));
        jndiProps.setProperty("java.naming.provider.url", environment.getProperty("tibco.ems.namingUrl"));
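        // Use SSL for the JNDI naming lookup; the ssl_enable_verify_host check is disabled for that lookup.
        jndiProps.setProperty("com.tibco.tibjms.naming.security_protocol", "ssl");
        jndiProps.setProperty("com.tibco.tibjms.naming.ssl_enable_verify_host", "false");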

        jndiTemplate.setEnvironment(jndiProps);
        return jndiTemplate;
    }

    @Bean
    public UserCredentialsConnectionFactoryAdapter authenticate() throws JMSException, NamingException {
        UserCredentialsConnectionFactoryAdapter userCredentialsConnectionFactoryAdapter = new UserCredentialsConnectionFactoryAdapter(); 
        userCredentialsConnectionFactoryAdapter.setUsername(environment.getProperty("java.naming.security.principal"));
        userCredentialsConnectionFactoryAdapter.setPassword(environment.getProperty("java.naming.security.credentials"));
        userCredentialsConnectionFactoryAdapter.setTargetConnectionFactory(connectionFactoryProxy());
        return userCredentialsConnectionFactoryAdapter;
    }

    @Bean
    public JndiObjectFactoryBean jmsConnectionFactory() throws JMSException {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiTemplate(jndiTemplate());
        jndiObjectFactoryBean.setJndiName(environment.getProperty("ems.connectionFactory"));
        return jndiObjectFactoryBean;
    }

    @Bean
    public JndiObjectFactoryBean jmsQueueName() throws JMSException {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiTemplate(jndiTemplate());
        jndiObjectFactoryBean.setJndiName(environment.getProperty("ems.queueName")); 
        return jndiObjectFactoryBean;
    }

    @Bean
    public TransactionAwareConnectionFactoryProxy connectionFactoryProxy() throws NamingException, JMSException {
        return new TransactionAwareConnectionFactoryProxy((ConnectionFactory) jmsConnectionFactory().getObject());
    }

    @Bean(name="jmsTemplate")
    public JmsTemplate jmsTemplate() throws JMSException, NamingException {
        JmsTemplate jmsTemplate = new JmsTemplate(authenticate());
        jmsTemplate.setSessionTransacted(false);
        jmsTemplate.setReceiveTimeout(5000);
        jmsTemplate.setDefaultDestination((Destination) jmsQueueName().getObject());
        return jmsTemplate;
    }

    @Bean
    public QueueMessageSender queueMessageSender() {
        return new QueueMessageSender();
    }
}

I have read this link and checked if the keys are present on the server machine, which has the .pem key and certificate in the paths specified:

ssl_server_identity = machineName.crt.pem
ssl_server_key = machineName.key.pem

Here is the error I am getting when trying to publish an EMS message.

org.springframework.jms.JmsSecurityException: Can not initialize SSL client: no trusted certificates are set; nested exception is javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set
    at org.springframework.jms.support.JmsUtils.convertJmsAccessException(JmsUtils.java:291)
    at org.springframework.jms.support.JmsAccessor.convertJmsAccessException(JmsAccessor.java:169)
    at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:496)
    at org.springframework.jms.core.JmsTemplate.send(JmsTemplate.java:568)
    at org.springframework.jms.core.JmsTemplate.send(JmsTemplate.java:559)
    at com.project.name.jms.QueueMessageSender.postMessage(QueueMessageSender.java:32)
    at com.project.name.controller.ControllerClass.publishEMS(ControllerClass.java:228)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:776)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:868)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:751)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:280)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:254)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:136)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:346)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:243)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3432)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3402)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:57)
    at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2285)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2201)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1572)
    at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:255)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
Caused by: javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set
    at com.tibco.tibjms.TibjmsxLinkSSL._initSSL(TibjmsxLinkSSL.java:281)
    at com.tibco.tibjms.TibjmsxLinkSSL.connect(TibjmsxLinkSSL.java:383)
    at com.tibco.tibjms.TibjmsConnection._create(TibjmsConnection.java:1354)
    at com.tibco.tibjms.TibjmsConnection.<init>(TibjmsConnection.java:4320)
    at com.tibco.tibjms.TibjmsQueueConnection.<init>(TibjmsQueueConnection.java:39)
    at com.tibco.tibjms.TibjmsxCFImpl._createImpl(TibjmsxCFImpl.java:200)
    at com.tibco.tibjms.TibjmsxCFImpl._createConnection(TibjmsxCFImpl.java:253)
    at com.tibco.tibjms.TibjmsConnectionFactory.createConnection(TibjmsConnectionFactory.java:61)
    at org.springframework.jms.connection.TransactionAwareConnectionFactoryProxy.createConnection(TransactionAwareConnectionFactoryProxy.java:147)
    at org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter.doCreateConnection(UserCredentialsConnectionFactoryAdapter.java:178)
    at org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter.createConnection(UserCredentialsConnectionFactoryAdapter.java:152)
    at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
    at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:483)

WebLogic is the server. Should I set anything in WebLogic for SSL communication?

Please suggest if I need to add additional parameters in the WebLogic server to establish communication. Also, here are the Tibco dependencies I'm using in the POM.

<dependency>
    <groupId>com.tibco</groupId>
    <artifactId>tibjms</artifactId>
    <version>8.1.0</version>
</dependency>

<dependency>
    <groupId>tibco</groupId>
    <artifactId>tibcrypt</artifactId>
    <version>2.14.100</version>
</dependency>

<dependency>
    <groupId>javax.jms</groupId>
    <artifactId>javax.jms-api</artifactId>
    <version>2.0</version>
    <scope>compile</scope>
</dependency>
Koushik

1 Answer

By default, WebLogic has only demo certs available. If you need to enable SSL communication for a WebLogic server, this and this are good places to start. You're going to have to add your certs to a JKS keystore file and point your WebLogic server at that file. Otherwise, WebLogic is only going to be presenting its demo certificate to Tibco.

kbrian187
  • Brian, instead of doing it this way I have configured a foreign server in the JMS module for WLS. Strange! It connected to Tibco and everything was smooth. But will def try setting the certificates and keystore and check on this. Thank you for getting back. – Koushik Jan 12 '16 at 23:45
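
The keystore step mentioned in the answer, as an added example that is not code from either poster: it imports a PEM certificate file (such as the machineName.crt.pem named in the question) into a JKS file using only JDK classes, then lists each trusted entry with its subject, subject alternative names and expiry so they can be compared with the host in the connection URL. The class name `PemToJks`, the alias prefix argument and the `TRUSTSTORE_PASSWORD` environment variable are assumptions.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
// Added example (hypothetical class name): PEM certificate(s) -> JKS trusted entries.
public class PemToJks {
    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: PemToJks <cert.pem> <out.jks> <alias-prefix>");
            System.exit(2);
        }
        // Store password comes from the environment (variable name is an assumption).
        String pw = System.getenv("TRUSTSTORE_PASSWORD");
        if (pw == null || pw.isEmpty()) {
            throw new IllegalStateException("TRUSTSTORE_PASSWORD is not set");
        }
        char[] password = pw.toCharArray();
        // A PEM file may hold a whole chain; generateCertificates reads every entry.
        Collection<? extends Certificate> certs;
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            certs = CertificateFactory.getInstance("X.509").generateCertificates(in);
        }
        if (certs.isEmpty()) {
            throw new IllegalArgumentException("no certificates found in " + args[0]);
        }
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, password); // null stream = start from an empty store
        int i = 0;
        for (Certificate c : certs) {
            X509Certificate x = (X509Certificate) c;
            x.checkValidity(); // refuse expired or not-yet-valid certificates
            ks.setCertificateEntry(args[2] + "-" + i++, x);
        }
        try (OutputStream out = Files.newOutputStream(Paths.get(args[1]))) {
            ks.store(out, password);
        }
        for (String alias : Collections.list(ks.aliases())) {
            X509Certificate x = (X509Certificate) ks.getCertificate(alias);
            System.out.println(alias + " subject=" + x.getSubjectX500Principal()
                    + " SANs=" + x.getSubjectAlternativeNames() + " notAfter=" + x.getNotAfter());
        }
    }
}
```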