EMS and ssl/jndi

[sirldavis]

Hi,

I get the following error for the jndi Name so perhaps the jndi Name needs some kind of mark up, however because it is ssl and the url provider is there, I'm not sure? ex = {"Not permitted: invalid name or password"} in TIBCO:

at TIBCO.EMS.LookupContext._Lookup(String name)
at TIBCO.EMS.LookupContext.Lookup(String name)
at Spring.Messaging.Ems.Jndi.JndiLocatorSupport.Looku p(String jndiName, Type requiredType) in C:\Program Files\Spring.NET 1.3.0\src\Spring\Spring.Messaging.Ems\Messaging\Em s\Jndi\JndiLocatorSupport.cs:line 46

Thanks,
Sirl

<object id="jndiEmsConnectionFactory" type="Spring.Messaging.Ems.Jndi.JndiLookupFactoryO bject, Spring.Messaging.Ems">
<property name="JndiName" value="jndiQueueConnFactory"/>
<property name="JndiProperties">
<dictionary>
<entry key="TIBCO.EMS.provider.url" value="ssl://serverhostname:7243" />
<entry key="TIBCO.EMS.ssl.store_info" value="C:/sirl/tibco/cert/X.p12" />
<entry key="TIBCO.EMS.ssl_target_host_name" value="namingserverhost" />
<entry key="TIBCO.EMS.ssl.store_type" value="0" />
<entry key="TIBCO.EMS.ssl.password" value="password" />

<entry key="TIBCO.EMS.naming.ssl_target_host_name" value="namingserverhostname" />
<entry key="TIBCO.EMS.naming.ssl_enable_verify_host" value="false" />
<entry key="TIBCO.EMS.naming.security_protocol" value="ssl" />
<entry key="TIBCO.EMS.naming.ssl_store_type" value="0" />
<entry key="TIBCO.EMS.naming.ssl_store_info" value="C:/sirl/tibco/cert/X.p12" />
<entry key="TIBCO.EMS.naming.ssl_auth_only" value="false" />
<entry key="TIBCO.EMS.naming.ssl_trace" value="true" />
</dictionary>
</property>
</object>

<object id="cachingJndiConnectionFactory" type="Spring.Messaging.Ems.Connections.CachingConn ectionFactory, Spring.Messaging.Ems">
<property name="SessionCacheSize" value="10" />
<property name="TargetConnectionFactory">
<object type="Spring.Messaging.Ems.Common.EmsConnectionFac tory, Spring.Messaging.Ems">
<constructor-arg ref="jndiEmsConnectionFactory"/>
</object>
</property>
</object>

<object name="EmsTemplate" type="Spring.Messaging.Ems.Core.EmsTemplate, Spring.Messaging.Ems">
<property name="ConnectionFactory" ref="cachingJndiConnectionFactory"/>
<property name="DefaultDestinationName" value="queue.GuiRequest"/>
<property name="MessageConverter" ref="XmlMessageConverter"/>
</object>

[ianq]

Any progress on this? Did one ever resolve the SSL connectivity?

[smalyshev]

I was able to use JNDI and SSL features of .NET Spring with no issues.
My SSL configuration is simple as I don't use Client Certificate:

<!-- EmsConnectionFactory refers to JndiEmsConnectionFactory to fetch EMS Connection Factory-->
<object id="EmsConnectionFactory" type="Spring.Messaging.Ems.Common.EmsConnectionFac tory, Spring.Messaging.Ems">
<constructor-arg ref="JndiEmsConnectionFactory"/>
<property name="UserName" value="SinglePlatformUI" />
<property name="UserPassword" value="SinglePlatformUI" />
<!-- SSL setting -->
<property name="TargetHostName" value="ESBQA" />
<!-- ClientId should be different on each server for web farm, like iCare: iCare-NHQSPAUI401, iCare-NHQSPAUI402, iCare-NHQSPAUI403 -->
<property name="ClientID" value="SpringWebRequestReply" />
</object>

<!-- Fetch EMS Connection Factory from JNDI-->
<object id="JndiEmsConnectionFactory" type="Spring.Messaging.Ems.Jndi.JndiLookupFactoryO bject, Spring.Messaging.Ems">
<!-- SSL connection factory which contains SSL EMS URL -->
<property name="JndiName" value="SSLQueueConnectionFactory"/>
<property name="JndiProperties[LookupContext.PROVIDER_URL]" value="tibjmsnaming://grant:7262,tibjmsnaming://cagney:7262"/>
<property name="JndiProperties[LookupContext.SECURITY_PRINCIPAL]" value="SinglePlatformUI"/>
<property name="JndiProperties[LookupContext.SECURITY_CREDENTIALS]" value="SinglePlatformUI"/>
</object>

Sergei

[jackmark]

This is the code we are using to coonect EMS though SSL in java class

ConnectionFactory qcf = (ConnectionFactory) emsJndiContext.lookup(jmsutilpropreader.getQueueCo nnectionFactory());

TibjmsSSL.setPassword(jmsutilpropreader.getSslPass word().toCharArray());
connection = qcf.createConnection(jmsutilpropreader.getSecurity Principal(), jmsutilpropreader.getSecurityCredentials());

and following error is occuring. This java class is deployed in Websphere .

2010.11.24 09:37:25, 404 [WebContainer : 0] FATAL TIBJMSHelper - Not permitted: Error occured while reading identity data: Error in loading the keystore: Private key decryption error: (java.security.InvalidKeyException: Illegal key size)
2010.11.24 09:37:25, 404 [WebContainer : 0] FATAL TIBJMSHelper - Exception in Main
javax.naming.AuthenticationException: Not permitted: Error occured while reading identity data: Error in loading the keystore: Private key decryption error: (java.security.InvalidKeyException: Illegal key size) [Root exception is javax.jms.JMSSecurityException: Error occured while reading identity data: Error in loading the keystore: Private key decryption error: (java.security.InvalidKeyException: Illegal key size)]
at com.tibco.tibjms.naming.TibjmsContext.lookup(Tibjm sContext.java:668)