1 Reply Latest reply: Feb 24, 2014 5:18 PM by Bobfinan - Oracle-Oracle RSS

    configuring ssl over jolt/tuxedo

    8d3f4f0d-5370-43bf-965d-0e89eeb798ae

      I downloaded and configured tuxedo 12.1.1.0 on linux. I have a standalone Jolt client..

      I want to configure it to use SSL encryption, instead of the default LLE, the setup with the default LLE works fine.

      I generated a key and certificate using openSSL. I have ldap running (openLdap). When I run the client, it fails during handshake with the following errors:

       

      JSH.6017.3472672512.-2: LIBPLUGIN_CAT:1004: ERROR: Cannot bind to LDAP Server, URL = ldap://localhost:389/

      JSH.6017.3472672512.-2: LIBPLUGIN_CAT:1020: ERROR: LDAP error 2, error text = historical protocol version requested, use LDAPv3 instead

      JSH.6017.3472672512.-2: LIBTUX_CAT:6665: ERROR: Could not open private key, err = -3001

      JSH.6017.3472672512.-2: LIBTUX_CAT:6907: ERROR: File open failed on Oracle Wallet "file:/usr/lib/jvm/jre-1.6.0-sun.x86_64/lib/security/wallet.cacerts" and subsequent attempt to dynamically create security credentials failed

       

      What am I missing? This is my config file.

       

      *RESOURCES

      IPCKEY          123456

      SEC_PRINCIPAL_NAME      "user"

      SEC_PRINCIPAL_LOCATION  "/usr/lib/jvm/jre-1.6.0-sun/lib/security/cacerts"

      SEC_PRINCIPAL_PASSVAR   "abcd"

       

      #Example:

      #IPCKEY         123456

       

      DOMAINID        simpapp

      MASTER          simple

       

      MAXSERVICES     50

      MODEL           SHM

      LDBAL           N

       

      *MACHINES

      <my machine>         LMID=simple

                      MAXWSCLIENTS=10

                      APPDIR=<path to my appdir>

                      TUXCONFIG=<path to my tuxconfig>

                      TUXDIR=<my tuxedo path>

                      MAXACCESSERS=20

       

       

      *GROUPS

      GROUP1          GRPNO=1  LMID=simple OPENINFO=NONE TMSNAME="TMS"

      JREPGRP        GRPNO=94 LMID=simple

      JSLGRP          GRPNO=95 LMID=simple

       

      *SERVERS

       

      JSL SRVGRP=JSLGRP SRVID=30 CLOPT=" -A -- -a -z 0 -Z 128 -S //<ip>:<port> -n //<ip>:<port> -m1 -M1 -x10 -I3600 -s <port>"

      JREPSVR SRVGRP=JREPGRP SRVID=98 RESTART=Y GRACE=0 CLOPT=" -A -- -W -P <path to jrepository>"

       

      simpserv        SRVGRP=GROUP1 SRVID=1

       

       

       

      *SERVICES

      TOUPPER

       

      Thanks

       

      Message was edited by: 8d3f4f0d-5370-43bf-965d-0e89eeb798ae