Configuring TIBCO Project for SSL
Perform the following steps to configure TIBCO Project for SSL.
1. Open a TIBCO project in the Designer.
2. On the Global Variables tab, update the following attributes:
◦ Expand ESISAPAdapter and change tcp to ssl and the port number from 7222 to 7243 for the JMSProviderURL attribute.
◦ Expand ESIJMS and change the port number from 7222 to 7243 for the JNDIContextURL attribute.
3. Create a Certificates folder in the project.
◦ Navigate to > > > to import the certificates, server.cert.pem, server_root.cert.pem and client.cert.pem located at <tibco_home>\tibco\ems\<version>\samples\certs.
4. Click the Palettes tab and add Identity activity from the General Resources to the Design Panel of the Certificates folder.
5. To configure the Identity activity, update the following in the Configuration tab:
◦ Set Type as Identity File.
◦ In the URL field, update the file path of the server file.
◦ Update Password.
6. Navigate to > > and then select Use SSL?.
7. On the ESIMaster_JMSConnection window, click Configure SSL.... The SSL Configuration window opens.
◦ On the Basic tab of the SSL Configuration window, update the Trusted Certificates Folder and Identity path to the Certificates folder and the identity.id file created in steps 3 and 4, respectively.
8. On the Advanced tab of the SSL Configuration window, clear the Verify Host Name and Strong Cipher Suites Only checkboxes.
9. Return to the ESIMaster_JMSConnection window, and update the following attributes in the Advanced tab:
◦ Topic Connection Factory as SSLTopicConnectionFactory
◦ Queue Connection Factory as SSLQueueConnectionFactory
10. Navigate to > > and then repeat the steps from 4 to 6 to configure SSL.
11. Navigate to > > > and do the following:
◦ In the Transport Type box, select Rendezvous.
◦ Click Apply to save the changes.
12. Navigate to > > > > and do the following:
◦ Select CSAP_MAT_BOM_MAINTAIN BAPI and then click Refresh Adapter Service.
Changes in TIBCO configuration files for SSL
1. Open the tibemsd.conf file located at, <ems_home>/<version>/bin and add the listen property with the value ssl://port. For example, listen = ssl://7243.
2. Set the following parameters in the tibemsd.conf file, and then save the changes:
ssl_server_identity = <ems_home>/<version>/samples/certs/server.cert.pem
ssl_server_key = <ems_home>/<version>/samples/certs/server.key.pem
ssl_password = <password>
ssl_server_trusted = <ems_home>/<version>/samples/certs/client_root.cert.pem
3. In the factories.conf file located at, <ems_home>/<version>/bin, update the SSL server and certificates details for SSLQueueConnectionFactory and SSLTopicConnectionFactory.