MQ服务器失败:AMQ9637:Channel缺少证书。但Java客户端配置为发送它

时间:2016-10-07 15:24:14

标签: java ssl ibm-mq

我在客户端报告的SSL握手问题为:

main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
...
    Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[Remote host closed connection during handshake],3=localhost/127.0.0.1:1414 (localhost),4=SSLSocket.startHandshake,5=default]
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1187)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:724)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:400)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:299)
        at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:164)
        at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1598)
        ... 15 more
    Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:953)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1156)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1151)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1149)
        ... 20 more
    Caused by: java.io.EOFException: SSL peer shut down incorrectly
        at sun.security.ssl.InputRecord.read(InputRecord.java:482)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934)
        ... 27 more

并在MQ服务器上:

AMQ9637: Channel is lacking a certificate.

显然服务器没有获得(或接受?)客户端证书。这是一个不好的前提,问题是服务器证书

我用:

JAVA 7 (1.7.0_75) 
MQ 7.5 client libs (7.5.0.2)
MQ 8.0 server (8.0.0.5)

这是client Java class。我尝试接受所有服务器证书,并将客户端证书发送到MQ服务器端,并在MQ信任库中导入相同的证书。不确定问题是否对证书名称有任何限制,如下所示:http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg21245474或者证书确实没有发送到服务器端。

---编辑:---

这是我的QMGR和CNL配置的SSL屏幕: enter image description here enter image description here

1 个答案:

答案 0 :(得分:3)

首先,我使用自己的标签创建证书,但不同于:

中的defaultgene 
[b]bbCode[/b]

MQMGR->Properties->SSL->Certificate Label ,当我重新创建指定了相同名称的证书时:

ibmwebspheremq<qmgr_name_lower_case>

它开始与服务器通信。

编辑:另请参阅this

相关问题
最新问题