Kbase 20586: SonicMQ: Example for SSL CLIENT AUTHENTICATION
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
20/02/2003 |
|
SUMMARY:
This solution provides an example of how to use the SonicMQ Explorer with true SSL CLIENT AUTHENTICATION and the example keys in the product. Valid for SonicMQ version 3.x and SonicMQ version 4.0 including https.
EXPLANATION:
SonicMQ provides the capability to communicate via SSL and the broker.ini file contains many SSL keys by default. The examples provided in the product do not use SSL CLIENT AUTHENTICATION.
The default SSL lines in the broker.ini are:
; SSL settings
SSL_CERTIFICATE_CHAIN=certs/server.p7c
SSL_PRIVATE_KEY=certs/serverKey.pkcs8
SSL_PRIVATE_KEY_PASSWORD=password
SSL_CLIENT_AUTHENTICATION=TRUE
If the client doesn't have the right SSL settings, the following
exception is thrown by the SonicMQ server output window:
java.io.IOException: Client Auth Required, but client has no
certificate
at com.rsa.ssl.SSLSocket.getInputStream(SSLSocket.java:194)
SOLUTION:
Make sure the following lines are in explorer.bat to set SSL and start the SonicMQ Explorer:
rem Set SSL client properties
set SSL_P1=-DSSL_CA_CERTIFICATES_DIR=certs\CA
set SSL_P2=-DSSL_CERTIFICATE_CHAIN=certs\client.p12
set SSL_P3=-DSSL_CERTIFICATE_CHAIN_FORM=PKCS12
set SSL_P4=-DSSL_PRIVATE_KEY_PASSWORD=password
"%SONICMQ_JREW%" %SSL_P1% %SSL_P2% %SSL_P3% %SSL_P4% %SONICMQ_BRIDGE_ADMIN% -cp "%JRE_CLASSPATH%;%SONICMQ_CLASSPATH%;"
progress.message.tools.Explorer
Reference to Written Documentation:
SonicMQ Installation Configuration and Administration Guide.
Progress Knowledge Base Solution 20533, "SonicMQ: JRE Application Error w/IBM 1.1.8 on WinNT w/SSL".