I'm using WebLogic Server 14.1.1 Thin T3 Jakarta client from Oracle's official website to consume messages from a WebLogic JMS queue. My problem is that the WebLogic server I need to consume from has a self-signed certificate, so when I try to consume using the T3S protocol, the connection fails.

I managed to get it to work by setting the javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword environment variables. However, since this configuration causes the entire application to trust this certificate, I would like to configure it so that only the JMS connection factory uses my certificate as trusted, not the whole application. I tried a few approaches that I found (I commented them out in my attached code), but nothing worked for me. So, I would be glad for any information about how to set it up properly.

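import java.util.Properties;

import javax.naming.Context;
import javax.naming.NamingException;

// jakarta.jms is assumed here, matching the Jakarta thin client
import jakarta.jms.ConnectionFactory;
import jakarta.jms.QueueConnectionFactory;

import org.springframework.context.annotation.Bean;
import org.springframework.jms.annotation.JmsListener;
import org.springframework.jms.config.DefaultJmsListenerContainerFactory;
import org.springframework.jms.support.destination.JndiDestinationResolver;
import org.springframework.jndi.JndiObjectFactoryBean;

public class JmsConfig {
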
    @Bean
    public ConnectionFactory connectionFactory() throws NamingException {
        JndiObjectFactoryBean jndiObjectFactoryBean = new JndiObjectFactoryBean();
        jndiObjectFactoryBean.setJndiName("weblogic.jms.ConnectionFactory");
        jndiObjectFactoryBean.setJndiEnvironment(getEnvProperties());
        jndiObjectFactoryBean.afterPropertiesSet();

        return (QueueConnectionFactory) jndiObjectFactoryBean.getObject();
    }

    @Bean
    public DefaultJmsListenerContainerFactory jmsListenerContainerFactory(ConnectionFactory connectionFactory) {
        DefaultJmsListenerContainerFactory factory = new DefaultJmsListenerContainerFactory();
        factory.setConnectionFactory(connectionFactory);
        JndiDestinationResolver jndiDestinationResolver = new JndiDestinationResolver();
        jndiDestinationResolver.setJndiEnvironment(getEnvProperties());
        factory.setDestinationResolver(jndiDestinationResolver);
        return factory;
    }
    
    private Properties getEnvProperties() {
        Properties envProperties = new Properties();
        envProperties.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
        envProperties.put(Context.PROVIDER_URL, serverUrl);
        envProperties.put(Context.SECURITY_PRINCIPAL, user);
        envProperties.put(Context.SECURITY_CREDENTIALS, password);

        // things that don't work
        // envProperties.put("weblogic.security.SSL.ignoreHostnameVerification", "true");
        // envProperties.put("java.protocol.handler.pkgs", "weblogic.net");
        // envProperties.put("weblogic.security.TrustKeyStore", "CustomTrust");
        // envProperties.put("weblogic.security.CustomTrustKeyStoreFileName", "\\C:\\cert\\mycert.p12");
        // envProperties.put("weblogic.security.CustomTrustKeyStorePassPhrase", "changeit");
        // envProperties.put("weblogic.security.CustomTrustKeyStoreType", "P12");

        // envProperties.put("weblogic.jndi.ssl.client.certificate", "\\C:\\cert\\mycert.p12");
        // envProperties.put("weblogic.jndi.ssl.client.key_password", "changeit");

        return envProperties;
    }

    @JmsListener
    ......
}