+

Search Tips   |   Advanced Search

Secure transport configuration requirements

There are additional configuration requirements when configuring secure transport, such as inbound chains, to establish SSL-based or HTTPS-based connections between messaging engines, or between messaging engines and JMS applications running in a client container.

For an SSL connection to be established successfully, the party that is initiating the connection and the party that is waiting for the connection to be made must both supply a compatible set of credentials.

When you are configuring the client container to bootstrap using an SSL-based transport chain, specified additional SSL properties in...

Properties in this file are used for all client container bootstrapping activities over both SSL and HTTPS-based bootstrap chains.

We can override or augment properties specified in sib.client.ssl.properties by specifying system properties of the same name to the application client. Do this by specifying a -CCD command line option naming the property and its new value. For more information about command line syntax, see launchClient tool.

Some of the properties in sib.client.ssl.properties duplicate those in sas.client.props. Overriding these properties by using wsadmin command options affects both sets of properties.

When you are configuring SSL-based connections between two messaging engines, both the messaging engines must have inbound chains with matching names. These inbound chains must be configured with compatible sets of SSL credentials. The compatibility must be true for both intra-bus messaging engine connections and for connections between messaging engines that are in different buses.

A particular inbound transport chain must have no affinity with a messaging engine. Any enabled inbound transport chain can contact any messaging engine that is active on a server because by default, an application server is created with unsecured inbound transport chains. Disable or delete these chains to restrict access to secure chains only.


Related tasks

  • Protecting messages transmitted between buses