TIBCOSoftware / be-tools

Collection of tools to work with TIBCO BusinessEvents
https://www.tibco.com/products/tibco-businessevents
Other
9 stars 4 forks source link

SSL Authentication on AWS EKS not work in environment #224

Closed umueller-de closed 3 years ago

umueller-de commented 3 years ago

Version Information

Software Version(s)
BusinessEvents 6.1.0
OS Type? Linux
OS Version? Ubuntu (docker)
Docker AWS EKS
Kubernetes AWS EKS
Helm

What is the expected behavior?

Secure connection not work properly https:///WebStudio

What is the actual behavior?

After login, connection lost to RMS server

Other notes on how to reproduce the issue?

Please perform a test in your labs to confirm issue not related to the environment.

It is required to update RMS.cdd (two places) to enable One-way SSL Authentication in RMS (sslCertificateStore installed with the produce, default file and password)

Any possible solutions?

No, connection works in Docker environment and on MiniKube

Question:

Please perform a test on AWS EKS with One-way SSL Authentication enabled.

To enable it update RMS.cdd (two places) and remove "/WebStudio/Core/Channels/WS_CH_Secure_WebstudioChannel" value from the be.channel.deactivate property

See: https://docs.tibco.com/pub/businessevents-enterprise/6.1.1/doc/html/Default.htm#WebStudio/Enabling-One-way-SSL-Authentication-in-RMS.htm?Highlight=deactivate

rameshpolishetti commented 3 years ago

@staffwaremueller I have generated BE application container image as mentioned in the ticket and verified on AWS EKS environment, but not able to reproduce the issue.

Attaching Helm values.yaml and dry-run output for reference. values.yaml.zip rms.yaml.zip

LakshmiMekala commented 3 years ago

@staffwaremueller Can you check if required ports(https port) were added to EKS security groups or not.

How did you deploy RMS into EKS cluster?

umueller-de commented 3 years ago

Ports added and login works but connection lost after 30secs - looks like a AWS (EKS) configuration issue. We just want to confirm that's tested/validated. You can close the ticket. Thanks

LakshmiMekala commented 3 years ago

Closing as per above comments