Introducing the all-new TIBCO Community site!

For current users, please click "Sign In" to reset your password and access the enhanced features. If you're a first-time visitor, we extend a warm welcome—click "Sign Up" to become a part of the TIBCO Community!

If you're seeking alternative community sites, explore ibi, Jaspersoft, and Spotfire.

Jump to content

SSL error in tibco EMS(8.5)


bikash Choudhary

Recommended Posts

Could any one help as I am getting below error when trying to setup SSL . I am using sample certificate what provided by EMS (C:tibcoems8.5samplescerts)

2021-02-09 20:21:15.305 Peer certificate:

2021-02-09 20:21:15.316 Certificate=[/C=US/ST=California/L=us-english/O=Test Company/OU=client Unit/CN=client/emailAddress=client@testcompany.com]

Issuer=[/C=US/ST=California/L=us-english/O=Test Company/OU=client_root Unit/CN=client_root/emailAddress=client_root@testcompany.com]

2021-02-09 20:21:15.316 SSL accepted cipher=ECDHE-RSA-AES128-GCM-SHA256

2021-02-09 20:21:15.316 Connection protocol=TLSv1.2

2021-02-09 20:21:15.316 [OpenSSL Error]: file=ossl.c, line=1814

2021-02-09 20:21:18.393 WARNING: Closing connection from [::1] due to timeout, exceeded timeout of 3.

 

Config for SSL :

 

# Server certificate, key and private key password. If password not

# specified it is prompted for at start up time. The key and server

# certificate issuers may be included into specified PKCS12 file.

# Supports PEM, DER and PKCS12.

ssl_server_identity = C:tibcoems8.5samplescertsserver.cert.pem

ssl_server_key = C:tibcoems8.5samplescertsserver.key.pem

ssl_password = password

# Server Issuer certificate(s).

# Supports PEM, DER and PKCS#12.

# This may be a part of PKCS12 specified by ssl_server_identity

ssl_server_issuer =

# Trusted issuers of client certificates. Supports PEM, DER and PKCS7.

ssl_server_trusted = C:tibcoems8.5samplescertsclient_root.cert.pem

Link to comment
Share on other sites

  • 4 weeks later...

Hi, Did you try running EMS with the sample tibemsdssl.conf It also uses the same client/server certs. This is an easy way to test the environment.

$ ../../bin/tibemsd -config tibemsdssl.conf

TIBCO Enterprise Message Service Enterprise Edition.

Copyright 2003-2019 by TIBCO Software Inc.

All rights reserved.

 

Version 8.5.1 V4 9/12/2019

 

2021-03-09 10:02:28.794 Process started from '../../bin/tibemsd'.

2021-03-09 10:02:28.794 Process Id: 10482

2021-03-09 10:02:28.794 Hostname: xxxxxxx

2021-03-09 10:02:28.794 Hostname IP address: 127.0.0.1

2021-03-09 10:02:28.794 Reading configuration from 'tibemsdssl.conf'.

2021-03-09 10:02:28.798 Server name: 'EMS-SERVER'.

2021-03-09 10:02:28.798 Storage Location: 'datastore'.

2021-03-09 10:02:28.798 Routing is disabled.

2021-03-09 10:02:28.798 Authorization is disabled.

2021-03-09 10:02:28.798 The server will attempt to trace warnings about destinations that are growing unbounded above 26843545 bytes or 50000 messages.

2021-03-09 10:02:28.798 Set server properties 'large_destination_memory' and 'large_destination_count' respectively to alter these thresholds.

2021-03-09 10:02:28.804 Secure Socket Layer is enabled, using OpenSSL 1.1.1c 28 May 2019

2021-03-09 10:02:28.804 Accepting connections on ssl://xxxxxx:7243.

2021-03-09 10:02:28.805 Server is active.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...