TIBCO Enterprise Message Service (EMS) Transport
This section describes configuration options for connecting to TIBCO EMS server as transport for TIBCO Hawk components.
Comment this option if you are using TCP Transport for TIBCO Hawk or TIBCO Rendezvous as the primary transport.
The two ways to specify the TIBCO EMS transport parameters are:
| 1. | Specify only the location of the EMS server. |
For example,
-ems_transport tcp://server1:7222
If communicating with the EMS server using SSL, specify the location of the EMS server as follows for the above example
-ems_transport ssl://server1:7222
also specify the additional options as outlined below.
| 2. | Specify the location of the EMS server and a valid user name and password for the EMS server. |
These parameters are separated by a space and can be an empty string to indicate a null value.
For example,
-ems_transport tcp://server1:7222 admin "#!NhAD1NBC"
For instructions to modify the password which was specified during installation, see Handling Passwords for TIBCO EMS Transport.
If communicating with the EMS server using SSL, specify the location of the EMS server as follows for the above example
-ems_transport ssl://server1:7222 admin "#!NhAD1NBC"
and also specify the additional options as outlined in TIBCO Enterprise Message Service (EMS) Transport Using SSL.
Re-Connection Setup
To ensure the TIBCO EMS client attempts re-connection after losing connection to the EMS server, repeat the server URL in the URL list. For example,
-ems_transport tcp://H1:7222,tcp://H1:7222
Fault Tolerance Setup
You can specify backup servers to connect to in the event of the failure of the primary server. The serverURLs for the primary and backup server are specified as a comma-separated list of URLs.
For example,
-ems_transport tcp://server1:7222,tcp://server2:7344
If a connection to the first URL fails, the next URL in the list is used to attempt a reconnection. The connections in the list are attempted in sequence (wrapping to the start of the list, if the first connection was not the failed connection) until all URLs have been tried. If no connection is established after all URLs have been tried, the connection fails.
In addition to specifying the -ems_transport options, the following parameters in the EMS server configuration file, tibemsd.conf, should be considered:
| • | ft_active—the name of the active server. |
| • | ft_reconnect_timeout—the amount of time a backup server waits for clients to reconnect. |
| • | store—the directory to store TIBCO EMS data. |
For more information, see TIBCO Enterprise Message Service documentation.
TIBCO Enterprise Message Service (EMS) Transport Using SSL
Specifies the SSL parameters used by TIBCO Hawk Display when connecting to the EMS server.
If the -ems_transport parameter is not used, the following options are ignored.
-ssl_vendor <name of the vendor>
The name of the vendor of the SSL implementation. The valid choices are
| • | j2se—Use this option when you want to use the default Java Cryptography Extension (JCE) bundled with the Java JRE. |
| • | -ssl_ciphers <suite-name>—When specifying this option to specify the cipher suites that can be used, use the ^ qualifier instead of a - qualifier. For more information about specifying cipher suites, refer to the TIBCO Enterprise Message Service documentation. |
In addition, the following sets of options are used:
For TIBCO Hawk components to verify the EMS server
| • | -ssl_no_verify_host—If this option is present, it this indicates that the TIBCO Hawk component should not verify the server. Conversely, if this option is not included in the configuration file, it indicates that TIBCO Hawk component should verify the server. |
| • | -ssl_trusted—The option specifies the file name of the server certificates. This option can be repeated if more than one certificate file is used. |
| • | -ssl_no_verify_hostname—This option specifies that the client should not verify the name in the CN field of the server certificate. Conversely, if this option is not included in the configuration file, it indicates that TIBCO Hawk component should verify the name in the CN field of the server certificate. |
| • | -ssl_expected_hostname—The name that is expected in the name of the CN field of the server certificates is specified by this option. The value of this option is used when the -ssl_no_verify_hostname option absent from the configuration file. |
|
Note |
If the |
For the EMS server to verify TIBCO Hawk components
| • | -ssl_identity—This option specifies the digital certificate of the TIBCO Hawk components. |
| • | -ssl_private_key—This option indicates the private key of the TIBCO Hawk component. If the key is included in the digital certificate in -ssl_identity, then you may comment this parameter. |
| • | -ssl_password—The password to decrypt the identity file of the Hawk component. |
Handling Passwords for TIBCO EMS Transport
On Microsoft Windows, the password is obfuscated before it is stored in the Microsoft Windows registry. In order to use the EMS password encrypt/decrypt functionality, all TIBCO Hawk components (including the tibhawkpassword wrapper) have to use JRE 1.8 or above.
If you need to change the user name and password information for the EMS server after installation, a utility is provided to encrypt your password. The following steps detail the use of this utility:
| 3. | Invoke the command line using the syntax |
tibhawkpassword -encrypt
| 4. | Enter the password you want to encrypt when prompted. |
| 5. | Copy and paste the output of the utility within quotes ("") into the configuration file. |
For example,
-ems_transport tcp://emsServer:7222 username "#!FrHOG/QbvQMdVk4/wMv/1DA0"
| 6. | Re-start the TIBCO Hawk component whose configuration file you updated in step above. |