Sun Java System Message Queue 3.7 UR1 Administration Guide

Deploying the HTTPS Tunnel Servlet on Sun Java System Application Server

This section describes how you deploy the HTTPS tunnel servlet as a .war file on the Sun Java System Application Server.

Two steps are required:

Using the Deployment Tool

The following procedure shows how to deploy the HTTPS tunnel servlet in an Application Server environment.

ProcedureTo Deploy the HTTPS Tunnel Servlet in an Application Server Environment

  1. In the Web-based administration GUI, choose

    App Server > Instances > server1 > Applications > Web Applications

  2. Click the Deploy button.

  3. In the File Path: text field, enter the location of the HTTPS tunnel servlet .war file (imqhttps.war), and click OK.

    The location of the imqhttps.war file depends on your operating system (see Appendix A, Platform-Specific Locations of Message QueueTM Data).

  4. Set the value for the Context Root text field, and click OK.

    The Context Root field value is the /contextRoot portion of the tunnel servlet URL:

    https://hostName :portNumber / contextRoot/tunnel

    For example, you could set the Context Root field to:


    The next screen shows that the tunnel servlet has been successfully deployed, is enabled by default, and in this case is located at:


    The servlet is now available at the following URL:


    Clients can now use this URL to connect to the message service using an HTTPS connection.

Modifying the server.policy file

Application Server enforces a set of default security policies that unless modified would prevent the HTTPS tunnel servlet from accepting connections from the Message Queue broker.

Each application server instance has a file that contains its security policies or rules. For example, the location of this file for the server1 instance on Solaris is:


To make the tunnel servlet accept connections from the Message Queue broker, an additional entry is required in this file.

ProcedureTo Modify the Application Server’s server.policy File

  1. Open the server.policy file.

  2. Add the following entry:

    grant codeBase
            permission "*",