Hi,
we have the following situation:
Broker 7.1.2 Fix 17 with JMS API 7.1.2 Fix10
We have created Broker and JMS Provider with full SSL-Connectivity and -Encryption.
Our Partner-System is using the webm-jmsra.rar from the mentioned API to connect the WmJMSNamingProvider we are providing on our Broker.
Now they get an error that the Client-Certificate we provided to them is not a valid certificate file.
The JNDI-Properties are as follows (the Password is omitted for security reasons and has been replaced by “” as well as the full address of the broker):
java.naming.factory.initial=com.webmethods.jms.naming.WmJmsNamingCtxFactory,
com.webMethods.jms.naming.encrypted=true,
com.webMethods.jms.naming.keystore=/opt/jboss/server/default/conf/eam/CCPClient_cert.p12,
com.webMethods.jms.naming.keystoretype=PKCS12,
com.webMethods.jms.naming.truststore=/opt/jboss/server/default/conf/eam/tsbepabnca.jks,
com.webMethods.jms.naming.truststoretype=JKS,
com.webmethods.jms.naming.clientgroup=admin,
java.naming.security.principal=CN=CCPClient, OU=CCP, O=T-Systems International GmbH, L=Darmstadt, ST=Hessen, C=DE,
java.naming.security.credentials=<snip>,
java.naming.provider.url=wmjmsnaming://Broker_TS_BeP_10706@<snip>/CCPI think that the java.naming.security.principal-Property needs some masking as it contains commas, which are uses as a property separator as well. Or that it needs to be the last one in the list.
The ApplicationServer used at the partners side is JBoss 4.3.x.
Another JMS-Partner of us is connecting to its provider based on similar settings but is using a Java-based implementation instead of the webm-jmsra.rar.
Unfortunately there is not much documentation about this from SAG-Side.
Any ideas or hints are welcome as this needs to be solved asap.
(Was expected to be working by today or at least tomorrow evening, otherwise we have to think about a Workaround [i.e. using SunFSContext instead, which we know is working the rar, but not intended for security and administrative purposes])