Kbase 21250: SonicMQ: Unable To Load CA Certificate $SONICMQ_HOME/certs/C
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
8/11/2001 |
|
SUMMARY:
This Solution applies to SonicMQ Version 3.5 on Windows NT. You might get the following exception when trying to run the Chat example with SSL:
Unable to load CA certificate $SONICMQ_HOME/certs/CA
EXPLANATION:
When you enable SSL on the broker using the example keys, then run the Chat example with the default SonicMQ.bat for setting the environment,
that is,
..\..\SonicMQ Chat -b ssl://pcrwe:3506 -u ts -p ts
it gives the following exceptions along with a stack trace:
Unable to load CA certificate $SONICMQ_HOME/certs/CA: com.rsa.ssl.SSLException:
Can not load certificateCan not load certificate
Exception in thread "main" progress.message.util.EAssertFailure: Unable to register trusted CA certificate(s) or trust decider to verify the broker certificate
at java.lang.Throwable.<init>(Throwable.java:96)
at java.lang.Error.<init>(Error.java:52)
at progress.message.util.EAssertFailure.<init>(Unknown Source)
at progress.message.net.ssl.hd.TF_(Unknown Source)
at progress.message.net.ssl.hd.<init>(Unknown Source)
at progress.message.net.ssl.ProgressSslSocketFactory.createProgressSocke
t(Unknown Source)
at progress.message.zclient.Connection.lq_(Unknown Source)
at progress.message.zclient.Connection.connect(Unknown Source)
at progress.message.zclient.Connection.connect(Unknown Source)
at progress.message.jclient.Connection.<init>(Unknown Source)
at progress.message.jclient.TopicConnection.<init>(Unknown Source)
at progress.message.jclient.TopicConnectionFactory.createTopicConnection
(Unknown Source)
at Chat.chatter(Chat.java:53)
at Chat.main(Chat.java:225)
SOLUTION:
The problem is that within SonicMQ.bat the environment variable:
SONICMQ_SSL_SAMPLES_CLIENT
is set to
-DSSL_CA_CERTIFICATES_DIR=$SONICMQ_HOME/certs/CA
through the command:
set SONICMQ_SSL_SAMPLES_CLIENT="-DSSL_CA_CERTIFICATES_DIR=$SONIC
MQ_HOME/certs/CA"
This UNIX syntax is problematic on Windows NT. For Windows NT replace the line with:
set SONICMQ_SSL_SAMPLES_CLIENT="-DSSL_CA_CERTIFICATES_DIR=%SONIC
MQ_HOME%/certs/CA"
References to Written Documentation:
SonicMQ Installation Configuration and Administration Guide