ebxmlms-general Mailing List for ebXML Message Service Handler (Page 6)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Ladislav,

=20

Thanks for all the help. Your suggestions earlier did help. We have =
complete SSL communication now between 2 Hermes servers running on OC4J =
and Tomcat. There was some confusion between the property files that =
OC4J/Tomcat and Hermes exposes. The configurations needed to be in sync. =

=20

Thanks

-- Ashique

=20

=20

________________________________

From: David RR Webber (XML) [mailto:da...@dr...]=20
Sent: Friday, May 19, 2006 9:00 AM
To: ebx...@li...
Cc: Tanveer, Ashique (NIH/OD) [C]
Subject: RE: [FWD: RE: [ebxmlms-general] Configuring SSL and Hermes - =
step by step Guide]

=20

Ladislav,

=20

OK - quick update - we now have this all fully working - many thanks for =
the hints and help - it all contributed to figuring out all the various =
parts.

=20

We should be going into pre-production testing next week - and at that =
point we can share the installation documentation public link once its =
live with details of all that is needed to get this setup.

=20

Thanks, DW

	=20

	-------- Original Message --------
	Subject: RE: [FWD: RE: [ebxmlms-general] Configuring SSL and Hermes -
	step by step Guide]
	From: Ladislav Urban <lad...@we...>
	Date: Thu, May 18, 2006 10:30 pm
	To: ebxmlms-general <ebx...@li...>, "Tanveer,
	Ashique (NIH/OD) [C]" <tan...@od...>
=09
	Could you please write detail error message from logs?
=09
=09
	On Mon, 2006-05-15 at 16:54 -0400, Tanveer, Ashique (NIH/OD) [C] wrote:
	> Ladislav,
	>=20
	> =20
	>=20
	> Will you be able to send me your complete msh_properties.xml file and
	> also tell me if using the NullHostVerifier is enough to turn off host
	> verification.
	>=20
	> I keep getting the error: Hostname should be <120.123.134.111>
	>=20
	> =20
	>=20
	> Any help will be hugely appreciated.
	>=20
	> Thanks so much in advance
	>=20
	> =20
	>=20
	> =
|------------------------------------------------------------------------=
-----------
	>=20
	> | Ashique Tanveer
	>=20
	> | Booz | Allen | Hamilton
	>=20
	> |
	>=20
	> | Contractor, eRA Project, National Institute Of Health
	>=20
	> | Off:   301-451-1772  | Fax: 925-889-3635
	>=20
	> | Email:  tan...@od..., tan...@ba...=20
	>=20
	> =
|------------------------------------------------------------------------=
-----------
	>=20
	>=20
	>                                   =20
	> =
______________________________________________________________________
	> From: David RR Webber (XML) [mailto:da...@dr...]=20
	> Sent: Monday, May 15, 2006 8:41 AM
	> To: Tanveer, Ashique (NIH/OD) [C]
	> Subject: [FWD: RE: [ebxmlms-general] Configuring SSL and Hermes - =
step
	> by step Guide]
	>=20
	>=20
	> =20
	>=20
	> =20
	>=20
	>         =20
	>        =20
	>         -------- Original Message --------
	>         Subject: RE: [ebxmlms-general] Configuring SSL and Hermes -
	>         step by
	>         step Guide
	>         From: Ladislav Urban <lad...@we...>
	>         Date: Mon, May 08, 2006 3:25 pm
	>         To: ebx...@li...
	>        =20
	>         Hello Ashique,
	>         we use SSL configuration for hermes. You can set it up the
	>         same way as
	>         for tomcat.=20
	>         Are you going to use selfsigned certs?
	>        =20
	>         1st Step
	>         create generate keys in keystores of both tomcats. The =
kystore
	>         is
	>         usually in root directory of the tomcat and its name
	>         is .keystore
	>        =20
	>         example:
	>         keytool -genkey -keyalg "RSA" -dname "cn=3Dcompany1, =
ou=3Dcompany,
	>         o=3Dcompany1, c=3DUS" -keystore ./.keystore -alias tomcat =
-keypass
	>         password222 -storepass password222
	>        =20
	>        =20
	>         2nd Step:
	>        =20
	>         Configuration of msh.properties.xml
	>         <SSL>
	>        =20
	>         =
<HostnameVerifier>com.webswell.hermes.NullHostVerifier</HostnameVerifier>=

	>              <TrustedAnchor>
	>                <!-- Trust keystore for SSL Server Authentication -->
	>                <KeyStore>
	>                  <Path>/usr/local/Webswell/jakarta-tomcat</Path>
	>                  <File>.keystore</File>
	>                  <Password>password222</Password>
	>                </KeyStore>
	>              </TrustedAnchor>
	>              <ClientAuth>
	>                <URL></URL>
	>                <KeyStore>
	>                  <Path></Path>
	>                  <File></File>
	>                  <Alias></Alias>
	>                  <Password></Password>
	>                </KeyStore>
	>              </ClientAuth>
	>            </SSL>
	>        =20
	>        =20
	>         As you can see we do have null host verifier. It switch off
	>         verification
	>         of host name in http request against host name in =
credentials.
	>         I can
	>         send you the java code.
	>        =20
	>         3rd Step=20
	>        =20
	>         Export public part of the generated keys from both keystores.
	>         This will
	>         create the selfsigned certificate files.
	>         keytool -export -alias tomcat -keystore ./.keystore
	>          -storepass
	>         password222 -file ./company1.cer
	>        =20
	>        =20
	>         and import the certificates to the opposite keystore.
	>        =20
	>         Ladislav=20
	>        =20
	>         On Mon, 2006-05-08 at 12:53 -0400, Tanveer, Ashique (NIH/OD)
	>         [C] wrote:
	>         > =20
	>         >=20
	>         > I guess I am looking for something like a =
=C3=A2=E2'=AC=C5"SSL
	>         configuration with
	>         > Hermes for dummies=C3=A2=E2'=AC=C2=9D.  Assuming I have two =
Hermes server
	>         running on
	>         > Tomcat server, what are the steps (generate the =
certificate,
	>         keystore
	>         > etc,?)  to have both Hermes communicate via SSL. I assume
	>         some
	>         > configuration needed on the tomcat as well as hermes
	>         properties files?
	>         > Any tips would help.
	>         >=20
	>         > =20
	>         >=20
	>         > Thanks
	>         >=20
	>         > -- Ashique
	>         >=20
	>         > =20
	>         >=20
	>         >
	>         =
|------------------------------------------------------------------------=
-----------
	>         >=20
	>         > | Ashique Tanveer
	>         >=20
	>         > | Booz | Allen | Hamilton
	>         >=20
	>         > |
	>         >=20
	>         > | Contractor, eRA Project, National Institute Of Health
	>         >=20
	>         > | Off:   301-451-1772  | Fax: 925-889-3635
	>         >=20
	>         > | Email:  tan...@od..., tan...@ba...=20
	>         >=20
	>         >
	>         =
|------------------------------------------------------------------------=
-----------
	>         >=20
	>         >=20
	>         >                                   =20
	>         >
	>         =
______________________________________________________________________
	>         > From: David RR Webber (XML) [mailto:da...@dr...]=20
	>         > Sent: Monday, May 08, 2006 12:33 PM
	>         > To: ebx...@li...
	>         > Subject: [ebxmlms-general] Configuring SSL and Hermes - =
step
	>         by step
	>         > Guide
	>         >=20
	>         >=20
	>         > =20
	>         >=20
	>         > Team,
	>         >=20
	>         >=20
	>         > =20
	>         >=20
	>         >=20
	>         > Does anyone have any notes they can share on setting up
	>         Hermes <->
	>         > Hermes using SSL?
	>         >=20
	>         >=20
	>         > =20
	>         >=20
	>         >=20
	>         > The Hermes docs are not forthcoming on this - so would be
	>         helpful to
	>         > have something available.
	>         >=20
	>         >=20
	>         > =20
	>         >=20
	>         >=20
	>         > More to the point - if you succeeded in getting this =
working
	>         - can you
	>         > share the steps you=20
	>         >=20
	>         >=20
	>         > had to go thru?!
	>         >=20
	>         >=20
	>         > =20
	>         >=20
	>         >=20
	>         > Thanks, DW
	>         >=20
	>         >=20
	>         > -------------------------------------------------------
	>         Using Tomcat
	>         > but need to do more? Need to support web services, =
security?
	>         Get stuff
	>         > done quickly with pre-integrated technology to make your =
job
	>         easier
	>         > Download IBM WebSphere Application Server v.1.0.1 based on
	>         Apache
	>         > Geronimo
	>         >
	>         =
http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D=
121642 _______________________________________________ ebxmlms-general =
mailing list ebx...@li... =
https://lists.sourceforge.net/lists/listinfo/ebxmlms-general=20
	>         >=20
	>         >=20
	>         --=20
	>         Ladislav Urban
	>         CEO
	>         Webswell Inc.
	>         1333 Howe Avenue, Suite 100
	>         Sacramento, 95825 CA
	>         email: lad...@we...
	>         phone: +1 (916) 290-2040
	>         fax: +1 (916) 921-2850
	>         http://www.webswell.com
	>        =20
	>        =20
	>        =20
	>         -------------------------------------------------------
	>         Using Tomcat but need to do more? Need to support web
	>         services, security?
	>         Get stuff done quickly with pre-integrated technology to make
	>         your job easier
	>         Download IBM WebSphere Application Server v.1.0.1 based on
	>         Apache Geronimo
	>         =
http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D=
121642
	>         _______________________________________________
	>         ebxmlms-general mailing list
	>         ebx...@li...
	>         https://lists.sourceforge.net/lists/listinfo/ebxmlms-general=20
	>        =20
	--=20
	Ladislav Urban
	CEO
	Webswell Inc.
	1333 Howe Avenue, Suite 100
	Sacramento, 95825 CA
	email: lad...@we...
	phone: +1 (916) 290-2040
	fax: +1 (916) 921-2850
	http://www.webswell.com
=09
=09
=09
	-------------------------------------------------------
	Using Tomcat but need to do more? Need to support web services, =
security?
	Get stuff done quickly with pre-integrated technology to make your job =
easier
	Download IBM WebSphere Application Server v.1.0.1 based on Apache =
Geronimo
	=
http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D=
121642
	_______________________________________________
	ebxmlms-general mailing list
	ebx...@li...
	https://lists.sourceforge.net/lists/listinfo/ebxmlms-general=20

2002	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug (1)	Sep	Oct (20)	Nov (11)	Dec (27)
2003	Jan (11)	Feb (8)	Mar (17)	Apr (11)	May (9)	Jun (30)	Jul (18)	Aug	Sep (4)	Oct (34)	Nov (83)	Dec (28)
2004	Jan (4)	Feb	Mar (13)	Apr (20)	May (4)	Jun (26)	Jul (5)	Aug (2)	Sep (3)	Oct (7)	Nov (10)	Dec (24)
2005	Jan (7)	Feb (44)	Mar (9)	Apr (16)	May (9)	Jun (64)	Jul (48)	Aug (36)	Sep (27)	Oct (24)	Nov (20)	Dec (11)
2006	Jan (12)	Feb (13)	Mar (7)	Apr	May (16)	Jun (5)	Jul (2)	Aug (7)	Sep (19)	Oct (5)	Nov (9)	Dec (13)
2007	Jan (21)	Feb (12)	Mar (6)	Apr	May (2)	Jun (14)	Jul (1)	Aug (1)	Sep (1)	Oct (1)	Nov	Dec
2008	Jan	Feb (1)	Mar (2)	Apr (5)	May (2)	Jun (1)	Jul (6)	Aug	Sep (9)	Oct (3)	Nov (25)	Dec (32)
2009	Jan (11)	Feb (12)	Mar (18)	Apr (19)	May (31)	Jun (23)	Jul (35)	Aug (7)	Sep (2)	Oct	Nov	Dec (8)
2010	Jan (3)	Feb (3)	Mar (3)	Apr	May	Jun	Jul (1)	Aug (1)	Sep (1)	Oct (1)	Nov	Dec
2013	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov (1)	Dec
2016	Jan	Feb	Mar	Apr	May (1)	Jun	Jul	Aug	Sep	Oct	Nov	Dec

ebxmlms-general Mailing List for ebXML Message Service Handler (Page 6)

ebxmlms-general — General discussions