All Apps and Add-ons

Problems with SSL JNDI Lookup against Tibco EMS

Path Finder

I am trying to perform a JNDI lookup over SSL to Tibco EMS using the JMS Modular Input. Everything works OK for a non-SSL JNDI lookup and I am also able to create an SSL queue connection (based on an SSL connection factory - when using a non-SSL lookup).

External to Splunk and the JMS TA the following Java code successfully performs a JNDI lookup over SSL:

Properties props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "com.tibco.tibjms.naming.TibjmsInitialContextFactory");
props.put(Context.PROVIDER_URL, "tibjmsnaming://localhost:7243");
//SSL JNDI Lookup 
props.put(com.tibco.tibjms.naming.TibjmsContext.SECURITY_PROTOCOL,"ssl");
props.put(com.tibco.tibjms.naming.TibjmsContext.SSL_ENABLE_VERIFY_HOST, new Boolean("false"));
...
InitialContext context = new InitialContext(props);
QueueConnectionFactory qconFactory = (QueueConnectionFactory)context.lookup("SplunkConnectionFactory");

All attempts to recreate this setup in the JMS TA (through userjndiproperties) result in the following error being logged:

03-31-2017 14:18:12.850 +0100 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/jms_ta/bin/jms.py" Stanza jms://queue/:splunk : Error connecting : javax.naming.ServiceUnavailableException: Failed to query JNDI: Failed to connect to the server at tcp://localhost:7243 [Root exception is javax.jms.JMSException: Failed to connect to the server at tcp://localhost:7243]

The inputs.conf below shows the setup, all of the commented out userjndiproperties have been attempted resulting in the same error:

[jms://queue/:splunk]
browse_mode = stats
browse_queue_only = 0
durable = 0
hec_batch_mode = 0
hec_https = 0
index_message_header = 0
index_message_properties = 0
init_mode = jndi
jms_connection_factory_name = SplunkConnectionFactory
jndi_initialcontext_factory = com.tibco.tibjms.naming.TibjmsInitialContextFactory
jndi_provider_url = tibjmsnaming://localhost:7243
output_type = stdout
sourcetype = jms_test
strip_newlines = 1
#user_jndi_properties = com.tibco.tibjms.naming.TibjmsContext.SECURITY_PROTOCOL="ssl",com.tibco.tibjms.naming.TibjmsContext.SSL_ENABLE_VERIFY_HOST=new Boolean("false")
#user_jndi_properties = com.tibco.tibjms.naming.TibjmsContext.SECURITY_PROTOCOL="ssl",com.tibco.tibjms.naming.TibjmsContext.SSL_ENABLE_VERIFY_HOST="new Boolean("false")"
#user_jndi_properties = com.tibco.tibjms.naming.TibjmsContext.SECURITY_PROTOCOL="ssl",com.tibco.tibjms.naming.TibjmsContext.SSL_ENABLE_VERIFY_HOST="false"
user_jndi_properties = com.tibco.tibjms.naming.TibjmsContext.SECURITY_PROTOCOL="ssl"

I have had a look at the source code for the JMS TA and can see where these properties are set - though I'd need to create a working dev environment and step through the code to see why the above fails. Any help appreciated..

0 Karma
1 Solution

Ultra Champion

Try :

user_jndi_properties = com.tibco.tibjms.naming.security_protocol=ssl,com.tibco.tibjms.naming.ssl_enable_verify_host=false,com.tibco.tibjms.naming.ssl_vendor=j2se-default

View solution in original post

Ultra Champion

Try :

user_jndi_properties = com.tibco.tibjms.naming.security_protocol=ssl,com.tibco.tibjms.naming.ssl_enable_verify_host=false,com.tibco.tibjms.naming.ssl_vendor=j2se-default

View solution in original post

Path Finder

Thanks Damien - that works 🙂

0 Karma

Ultra Champion

Lucky guess , I had to go back in my email archives as I recalled I helped a customer with this once.

0 Karma