Can not initialize SSL client: no trusted certificates are set

[Manoj Chaurasia]

Hi,

 

I'm trying to get JMS over SSL working and I've successfully managed to do it with host verification turned off. But once I turn it on, I receive the above error even though I have defined com.tibco.tibjms.ssl.trusted_certs in my connector connection pool. I have a standalone application where I populate a hashmap with the SSL paramaters, including trusted_certs, and JMS over SSL works but once I try to integrate this with Sun Appserver 9, I run into this problem. Any ideas

 

Here is my connector connection pool definition:

 

asadmin create-connector-connection-pool --port $AS_PORT --host $AS_HOST

--raname tibra

--connectiondefinition javax.jms.QueueConnectionFactory

--transactionsupport=NoTransaction

--isconnectvalidatereq=true

--property SupportsXA=false:

ConnectionFactoryJndiName=QueueConnectionFactory:

ProviderIntegrationMode=jndi:

UserName=$USERNAME:

Password=$PASSWORD:

ConnectionValidationEnabled=true:

JndiProperties=

java.naming.factory.url.pkgs=com.tibco.tibjms.naming,

java.naming.factory.initial=com.tibco.tibjms.naming.TibjmsInitialContextFactory,

java.naming.provider.url=$JNDI_HOST\:$JNDI_PORT,

java.naming.security.principal=$USERNAME,

java.naming.security.credentials=$PASSWORD,

com.tibco.tibjms.naming.security_protocol=ssl,

com.tibco.tibjms.ssl.trusted_certs=config/TrustedCert.cer,

com.tibco.tibjms.naming.ssl_debug=true,

com.tibco.tibjms.naming.ssl_debug_trace=true,

com.tibco.tibjms.naming.ssl_enable_verify_host=true

tibinpool

 

Thanks!

[Tanuja dubey]

I am facing a similar exception.My java code attempts to connect to tibco server with the following code:

Context jndiContext = new InitialContext(env);

ConnectionFactory connectionFactory = (ConnectionFactory) jndiContext.lookup(connectionfactoryname); Destination dest = (Destination) jndiContext.lookup(QueueName);

Connection connection = connectionFactory.createConnection(username,password);

Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);

I get the below exception when connectionFactory.createConnection(username,password) is attempted:

javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set

at com.tibco.tibjms.TibjmsxLinkSSL._initSSL(TibjmsxLinkSSL.java:289)

at com.tibco.tibjms.TibjmsxLinkSSL.connect(TibjmsxLinkSSL.java:390)

at com.tibco.tibjms.TibjmsConnection._create(TibjmsConnection.java:1302)

at com.tibco.tibjms.TibjmsConnection.<init>(TibjmsConnection.java:4182)

at com.tibco.tibjms.TibjmsQueueConnection.<init>(TibjmsQueueConnection.java:36)

at com.tibco.tibjms.TibjmsxCFImpl._createImpl(TibjmsxCFImpl.java:200)

at com.tibco.tibjms.TibjmsxCFImpl._createConnection(TibjmsxCFImpl.java:253)

at com.tibco.tibjms.TibjmsConnectionFactory.createConnection(TibjmsConnectionFactory.java:58)

at MapProducer.main(MapProducer.java:61)

i have provided - com.tibco.tibjms.naming.security_protocol=ssl com.tibco.tibjms.naming.ssl_enable_verify_host=false com.tibco.tibjms.naming.ssl_identity=messserv.p12 com.tibco.tibjms.naming.ssl_password=mypass com.tibco.tibjms.naming.ssl_trusted_certs=trustcert.pem    java.naming.security.principal=mcsuser                              java.naming.security.credentials=mcsuserI also tried importing the certificate to java cert store, but that did not help either. What am i missingThanks!