通过.net客户端通过SSL连接到IBM MQ

时间:2014-11-12 23:19:06

标签: c# .net ssl ibm-mq mq

我正在尝试通过.NET客户端连接到MQ服务器队列。我需要使用证书进行安全通信。这是我的代码:

MQEnvironment.SSLKeyRepository = "*SYSTEM";
MQEnvironment.ConnectionName = connectionName;
MQEnvironment.Channel = channelName;
MQEnvironment.properties.Add(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_MANAGED);
MQEnvironment.SSLCipherSpec = "TLS_RSA_WITH_AES_256_CBC_SHA"; 

queueManager = new MQQueueManager(queueManagerName, channelName, connectionName);

queue = queueManager.AccessQueue(SendQueueName,MQC.MQOO_OUTPUT + MQC.MQOO_FAIL_IF_QUIESCING);
queueMessage = new MQMessage();
queueMessage.WriteString(message);
queueMessage.Format = MQC.MQFMT_STRING;
queue.Put(queueMessage, new MQPutMessageOptions());

每次我尝试将消息放入队列时,都会收到此错误消息

Reason Code: 2059
MQexp.Message: MQRC_Q_MGR_NOT_AVAILABLE

我检查了我的变量以获取队列管理器名称,队列名称等,它们是正确的。 我还能够连接到没有SSL的不同队列,我相信我的代码没有提供足够的信息来建立成功的连接。

对此有任何帮助将不胜感激。

谢谢, KUNAL

1 个答案:

答案 0 :(得分:1)

我遇到了同样的问题和错误消息。启用跟踪后,我能够隔离问题。 我总是想知道客户如何从商店中选择正确的客户证书。跟踪输出显示如下:

<Page.Resources>
    <DataTemplate x:Key="PaymentView">
        <local:PaymentView />
    </DataTemplate>
    <DataTemplate x:Key="InvoiceView">
        <local:InvoiceView />
    </DataTemplate>
</Page.Resources>

...

<ContentControl Content="{Binding}"
                ContentTemplate="{StaticResource InvoiceView}"
                RelativePanel.AlignLeftWithPanel="True"
                RelativePanel.AlignRightWithPanel="True"
                RelativePanel.Below="PageHeader">
    <interactivity:Interaction.Behaviors>
        <core:DataTriggerBehavior Binding="{Binding CurrentView}" Value="Invoice">
            <core:ChangePropertyAction PropertyName="ContentTemplate" Value="{StaticResource InvoiceView}" />
        </core:DataTriggerBehavior>
        <core:DataTriggerBehavior Binding="{Binding CurrentView}" Value="Payment">
            <core:ChangePropertyAction PropertyName="ContentTemplate" Value="{StaticResource PaymentView}" />
        </core:DataTriggerBehavior>
    </interactivity:Interaction.Behaviors>
</ContentControl>

就我而言,我必须将友好的客户端证书名称设置为ibmwebspheremq myusername (替换&#34; myusername&#34;与您的用户ID)和在代码中设置标签:

000001B2 15:53:46.828145   20776.10    Created an instance of SSLStreams
000001B3 15:53:46.828145   20776.10    Setting current certificate store as 'Computer'
000001B4 15:53:46.828145   20776.10    Created store object to access certificates
000001B5 15:53:46.834145   20776.10    Opened store
000001B6 15:53:46.834145   20776.10    Accessing certificate - ibmwebspheremqmyusername
000001B7 15:53:46.835145   20776.10    TLS12 supported - True
000001B8 15:53:46.837145   20776.10    Setting SslProtol as Tls
000001B9 15:53:46.837145   20776.10    Starting SSL Authentication

要启用跟踪,请在app.config / web.config中添加以下内容,其中路径指向包含名为 mqtrace.config 的文件的位置:

properties.Add(MQC.MQCA_CERT_LABEL, "ibmwebspheremqmyusername");

mqtrace.config的示例内容(指定目录必须提前存在):

<appSettings>
    <add key="MQTRACECONFIGFILEPATH" value="C:\MQTRACECONFIG" />
</appSettings>

以下是一些更详细的链接:

跟踪:
https://www.ibm.com/support/knowledgecenter/SSFKSJ_8.0.0/com.ibm.mq.dev.doc/q123550_.htm 为什么标签:
http://www-01.ibm.com/support/docview.wss?uid=swg21245474

相关问题
最新问题