Tibco SSL通信表明没有设置可信证书

时间:2016-01-08 22:42:14

标签: spring weblogic12c tibco-ems jmstemplate

我正在尝试与Tibco EMS建立SSL通信。 TCP通信成功,我能够发布消息。我用JMS模板配置它。以下是我与Tibco沟通的属性。

#Tibco EMS Setup
tibco.ems.namingUrl=ssl://machineName:7223


##Tibco User name/pwd  
java.naming.security.principal=testUser
java.naming.security.credentials=testUser


##Tibco Configuration details SSLQueueConnectionFactory
ems.connectionFactory=SSLQueueConnectionFactory
ems.queueName=queueName
ems.contextFactory=com.tibco.tibjms.naming.TibjmsInitialContextFactory

这是在Spring中完成的JMS模板设置的代码。

public class JMSConfiguration {

    @Autowired
    private Environment environment;

    @Bean
    public JndiTemplate jndiTemplate() throws JMSException {
        JndiTemplate jndiTemplate = new JndiTemplate();
        Properties jndiProps = new Properties();
        Properties props = System.getProperties();



        jndiProps.setProperty("java.naming.security.principal", environment.getProperty("java.naming.security.principal"));
        jndiProps.setProperty("java.naming.security.credentials", environment.getProperty("java.naming.security.credentials"));
        jndiProps.setProperty("java.naming.factory.initial", environment.getProperty("ems.contextFactory"));
        jndiProps.setProperty("java.naming.provider.url", environment.getProperty("tibco.ems.namingUrl"));
        jndiProps.setProperty("com.tibco.tibjms.naming.security_protocol", "ssl");
        jndiProps.setProperty("com.tibco.tibjms.naming.ssl_enable_verify_host", "false");

        jndiTemplate.setEnvironment(jndiProps);
        return jndiTemplate;
    }

    @Bean
    public UserCredentialsConnectionFactoryAdapter authenticate() throws JMSException, NamingException {
        UserCredentialsConnectionFactoryAdapter userCredentialsConnectionFactoryAdapter = new UserCredentialsConnectionFactoryAdapter(); 
        userCredentialsConnectionFactoryAdapter.setUsername(environment.getProperty("java.naming.security.principal"));
        userCredentialsConnectionFactoryAdapter.setPassword(environment.getProperty("java.naming.security.credentials"));
        userCredentialsConnectionFactoryAdapter.setTargetConnectionFactory(connectionFactoryProxy());
        return userCredentialsConnectionFactoryAdapter;
    }

    @Bean
    public JndiObjectFactoryBean jmsConnectionFactory() throws JMSException {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiTemplate(jndiTemplate());
        jndiObjectFactoryBean.setJndiName(environment.getProperty("ems.connectionFactory"));
        return jndiObjectFactoryBean;
    }

    @Bean
    public JndiObjectFactoryBean jmsQueueName() throws JMSException {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiTemplate(jndiTemplate());
        jndiObjectFactoryBean.setJndiName(environment.getProperty("ems.queueName")); 
        return jndiObjectFactoryBean;
    }

    @Bean
    public TransactionAwareConnectionFactoryProxy connectionFactoryProxy() throws NamingException, JMSException {
        return new TransactionAwareConnectionFactoryProxy((ConnectionFactory) jmsConnectionFactory().getObject());
    }

    @Bean(name="jmsTemplate")
    public JmsTemplate jmsTemplate() throws JMSException, NamingException {
        JmsTemplate jmsTemplate = new JmsTemplate(authenticate());
        jmsTemplate.setSessionTransacted(false);
        jmsTemplate.setReceiveTimeout(5000);
        jmsTemplate.setDefaultDestination((Destination) jmsQueueName().getObject());
        return jmsTemplate;
    }

    @Bean
    public QueueMessageSender queueMessageSender() {        
        return  new QueueMessageSender();
    }

我已阅读this链接,并检查服务器计算机中是否存在密钥,该密钥在指定的路径中具有.pem密钥和证书。 ssl_server_identity = machineName.crt.pem ssl_server_key = machineName.key.pem

这是我在尝试发布EMs消息时遇到的错误。 

org.springframework.jms.JmsSecurityException: Can not initialize SSL client: no trusted certificates are set; nested exception is javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set
    at org.springframework.jms.support.JmsUtils.convertJmsAccessException(JmsUtils.java:291)
    at org.springframework.jms.support.JmsAccessor.convertJmsAccessException(JmsAccessor.java:169)
    at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:496)
    at org.springframework.jms.core.JmsTemplate.send(JmsTemplate.java:568)
    at org.springframework.jms.core.JmsTemplate.send(JmsTemplate.java:559)
    at com.project.name.jms.QueueMessageSender.postMessage(QueueMessageSender.java:32)
    at com.project.name.controller.ControllerClass.publishEMS(ControllerClass.java:228)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:137)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:776)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:705)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:868)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:751)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:280)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:254)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:136)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:346)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:243)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3432)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3402)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:57)
    at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2285)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2201)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1572)
    at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:255)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
Caused by: javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set
    at com.tibco.tibjms.TibjmsxLinkSSL._initSSL(TibjmsxLinkSSL.java:281)
    at com.tibco.tibjms.TibjmsxLinkSSL.connect(TibjmsxLinkSSL.java:383)
    at com.tibco.tibjms.TibjmsConnection._create(TibjmsConnection.java:1354)
    at com.tibco.tibjms.TibjmsConnection.<init>(TibjmsConnection.java:4320)
    at com.tibco.tibjms.TibjmsQueueConnection.<init>(TibjmsQueueConnection.java:39)
    at com.tibco.tibjms.TibjmsxCFImpl._createImpl(TibjmsxCFImpl.java:200)
    at com.tibco.tibjms.TibjmsxCFImpl._createConnection(TibjmsxCFImpl.java:253)
    at com.tibco.tibjms.TibjmsConnectionFactory.createConnection(TibjmsConnectionFactory.java:61)
    at org.springframework.jms.connection.TransactionAwareConnectionFactoryProxy.createConnection(TransactionAwareConnectionFactoryProxy.java:147)
    at org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter.doCreateConnection(UserCredentialsConnectionFactoryAdapter.java:178)
    at org.springframework.jms.connection.UserCredentialsConnectionFactoryAdapter.createConnection(UserCredentialsConnectionFactoryAdapter.java:152)
    at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
    at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:483)

Weblogic是服务器。我应该在weblogic中为SSL通信设置任何内容吗?

请建议我是否需要在weblogic服务器中添加其他参数以建立通信。此外,这里是我在POM中使用的tibco依赖项。

<dependency>
    <groupId>com.tibco</groupId>
    <artifactId>tibjms</artifactId>
    <version>8.1.0</version>
</dependency>

<dependency>
    <groupId>tibco</groupId>
    <artifactId>tibcrypt</artifactId>
    <version>2.14.100</version>
</dependency>

<dependency>
    <groupId>javax.jms</groupId>
    <artifactId>javax.jms-api</artifactId>
    <version>2.0</version>
    <scope>compile</scope>
</dependency>

1 个答案:

答案 0 :(得分:0)

默认情况下,WebLogic仅提供演示证书。如果需要为WebLogic服务器启用SSL通信,thisthis是开始的好地方。您必须将证书添加到JKS密钥库文件并将WebLogic服务器指向该文件。否则,WebLogic将只向Tibco提供它的演示证书。

相关问题
最新问题