Kbase 22028: SonicMQ: SSL for the ActiveX Client in Version 4.0
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
17/05/2002 |
|
SUMMARY:
This Solution describes how to enable the ActiveX client to communicate through the SSL (Secure Sockets Layer) communication protocol. A basic example is included.
*** IMPORTANT NOTE *** SSL with the ActiveX Client is still untested and unsupported by Progress Development. While this case works with the EXACT versions noted below, the ActiveX client was not designed to support this functionality, and therefore might not work in your particular implementation.
This information applies to the ActiveX client for SonicMQ Version 4.0
on NT4.0 SP 6a with Java version 1.3.0 Java(TM) 2 Runtime Environment,
Standard Edition (build 1.3.0-C), Java HotSpot(TM) Client VM
(build 1.3.0-C, mixed mode).
EXPLANATION:
SonicMQ version 4.0 enables Java clients to use the SSL protocol.
The ActiveX client communicates to the SonicMQ broker, via
the SonicMQ Bean Control, over the Java-ActiveX Bean Bridge
provided by JavaSoft through the beans.ocx. The Java runtime executable itself is able to communicate as a normal Java client via SSL as well.
SOLUTION:
This solution describes a sample where the broker is setup for SSL then the client.
Set up the broker for SSL as described in the Protocols chapter of the
SonicMQ V4 Configuration and Administration Guide. In the following sample, the setup of the broker.ini file establishes a third acceptor and it is set up for the broker aBroker on port 3506 for SSL.
SSL_CERTIFICATE_CHAIN=certs/server.p7c
SSL_PRIVATE_KEY=certs/serverKey.pkcs8
SSL_PRIVATE_KEY_PASSWORD=password
SSL_CLIENT_AUTHENTICATION=FALSE
SSL_CA_CERTIFICATES_DIR=certs/CA
NUM_ACCEPTORS=3
IP_OR_HOST_3=aBroker
SOCKET_TYPE_3=ssl
PORT_NUMBER_3=3506
The client is then set up by copying the required SonicMQ SSL and Java client archives from the directory:
<Sonic_Home> \lib to the < JRE home> \lib\ext
Replace <Sonic_Home> with the Path name, including drive letter where
SonicMQ is installed. Also replace <JRE home> with the Path name,
including drive letter of the Java Runtime installation.
In this example the following archives were copied from e:\Sonic40\lib
to D:\Program Files\JavaSoft\JRE\1.3\lib\ext
although not all of them are needed for the SonicMQ ActiveX client
as shown in the listing of the directory:
Directory of D:\Program Files\JavaSoft\JRE\1.3\lib\ext
05/07/02 01:02p <DIR> .
05/07/02 01:02p <DIR> ..
07/24/01 07:34p 45,386 activation.jar
03/15/01 09:42a 295,934 ant.jar
12/07/01 12:46a 15,088 antconfig.jar
12/14/01 05:15p 2,604,352 broker.jar
11/16/01 03:56p 418,028 certj.jar
03/01/01 09:35p 2,088,960 defdb_server.jar
03/01/01 09:36p 2,133,393 defdb_tools.jar
09/06/00 09:00p 24,051 gnu-regexp-1.0.6.jar
07/24/01 05:33p 28,404 jaxp.jar
03/01/01 08:16p 344,604 jetty.jar
02/13/01 12:59a 98,496 jndi.jar
11/16/01 03:56p 378,517 jsafe.jar
11/16/01 03:56p 105,513 jsafeJCE.jar
12/14/01 05:15p 352,184 smq_HTTP.jar
12/14/01 05:15p 6,444 sonic_ASPI.jar
12/14/01 05:15p 121,584 sonic_Channel.jar
12/14/01 05:15p 459,682 sonic_Client.jar
12/14/01 05:15p 42,444 sonic_Crypto.jar
12/14/01 05:15p 64,238 sonic_HTTP.jar
12/14/01 05:15p 46,364 sonic_Selector.jar
12/14/01 05:15p 75,009 sonic_SF.jar
12/14/01 05:15p 87,319 sonic_SSL.jar
12/14/01 05:15p 30,534 sonic_XA.jar
12/14/01 05:15p 21,875 sonic_XMessage.jar
11/16/01 03:56p 224,375 sslj.jar
12/14/01 05:15p 1,726,883 tools.jar
07/27/01 07:27p 1,787,796 xerces.jar
You also must add JVM arguments for running SSL. This example describes doing this through the Windows Control Panel, as follows:
1) Launch the Java Plug-in Control Panel.
2) In the window that opens, enter the Java Run Time Parameters for
SSL:
-DSSL_CA_CERTIFICATES_DIR=<sonicmq_install_dir>\certs\CA
inserting your actual SonicMQ installation directory instead of
<sonicmq_install_dir> .
Now the ActiveX client can communicate using SSL through the URL:
ssl://<hostname>:3506
For example, a code line in Visual Basic:
SonicJMS.setBrokerURL ("ssl://aBroker:3506")
References to Written Documentation:
SonicMQ Installation Configuration and Administration Guide
http://java.sun.com/products/plugin/1.3/docs/controlpanel.html#Start
Progress Knowledge Base Solution 21252, "SonicMQ: Enabling SSL Communication For the ActiveX Client"