WebSphereMQ证书标签设置不适用于XMS,但适用于amqpmdnet

时间:2016-11-21 16:25:23

标签: c# .net ibm-mq

此代码与amqmdnet.dll(版本8.0.0.5)工作正常(服务器将SSLCAUTH设置为必需,因此证书标签设置是必须的):

    public MQQueueManager GetWmqQueueManager(MqConfig config)
    {
        var props = new Hashtable
        {
            {MQC.HOST_NAME_PROPERTY       , config.HostName},
            {MQC.PORT_PROPERTY            , config.Port},
            {MQC.CHANNEL_PROPERTY         , config.ChannelName},
            {MQC.SSL_CIPHER_SPEC_PROPERTY , config.SslCipherSpec},
            {MQC.SSL_PEER_NAME_PROPERTY   , config.SslPeerName},
            {MQC.SSL_CERT_STORE_PROPERTY  , config.SslPath},
            {MQC.SSL_CIPHER_SUITE_PROPERTY, config.SslCipherSuit}
        };

        MQEnvironment.CertificateLabel = config.CertLable;

        var queueManager = new MQQueueManager(config.QueueManagerName, props);
        return queueManager;
    }

我不想使用IBM.XML.dll(版本8.0.0.5),此代码抛出“MQRC_SSL_INITIALIZATION_ERROR”异常,错误代码为AMQ9642(在错误日志中找到):

    protected static IConnection GetXmsConnection(MqConfig config)
    {
        var factoryFactory = XMSFactoryFactory.GetInstance(XMSC.CT_WMQ);

        var cf = factoryFactory.CreateConnectionFactory();

        cf.SetStringProperty(XMSC.WMQ_HOST_NAME            , config.HostName);
        cf.SetIntProperty   (XMSC.WMQ_PORT                 , config.Port);
        cf.SetStringProperty(XMSC.WMQ_CHANNEL              , config.ChannelName);
        cf.SetStringProperty(XMSC.WMQ_SSL_CIPHER_SPEC      , config.SslCipherSpec);
        cf.SetStringProperty(XMSC.WMQ_SSL_PEER_NAME        , config.SslPeerName);
        cf.SetStringProperty(XMSC.WMQ_SSL_KEY_REPOSITORY   , config.SslPath);
        cf.SetStringProperty(XMSC.WMQ_SSL_CIPHER_SUITE     , config.SslCipherSuit);

        cf.SetStringProperty(XMSC.WMQ_SSL_CLIENT_CERT_LABEL, config.CertLable);

        cf.SetStringProperty(XMSC.WMQ_QUEUE_MANAGER        , config.QueueManagerName);
        cf.SetIntProperty   (XMSC.WMQ_CONNECTION_MODE      , XMSC.WMQ_CM_CLIENT_UNMANAGED);

        var con = cf.CreateConnection(); // <-- exception

        return con;
    }

AMQ9642说:

  

SSLCAUTH(REQUIRED)已在服务器端指定(RCVR)   通道定义要求客户端(SDR)提供有效的   证书。

堆栈跟踪:

IBM.XMS.Client.WMQ.Factories.WmqConnectionFactory.CreateProviderConnection(XmsPropertyContext connectionProps)
       in IBM.XMS.Client.Impl.XmsConnectionFactoryImpl.CreateConnection(String userID, String password)
       in IBM.XMS.Client.Impl.XmsConnectionFactoryImpl.CreateConnection()

异常详情:

ErrorCode: CWSMQ0006
CompCode : 2
Reason   : 2393

问题是第二段代码有什么问题? 我错过了什么吗?

EDIT1: 我正在使用WebSphereMQ 8.0.0.5,XMS也是8.0.0.5

1 个答案:

答案 0 :(得分:1)

这是我使用的片段。注意我将用户ID和密码传递给createConnection调用,因为我启用了用户身份验证。没有它们,我会得到MQRC 2035错误。

            fact = XMSFactoryFactory.GetInstance(XMSC.CT_WMQ);
            conf = fact.CreateConnectionFactory();

            conf.SetIntProperty(XMSC.WMQ_CONNECTION_MODE, XMSC.WMQ_CM_CLIENT_UNMANAGED);
            conf.SetStringProperty(XMSC.WMQ_QUEUE_MANAGER, "QM1");
            conf.SetStringProperty(XMSC.WMQ_HOST_NAME, "localhost");
            conf.SetIntProperty(XMSC.WMQ_PORT, 1414);
            conf.SetStringProperty(XMSC.WMQ_CHANNEL, "NET.SVRCONN");
            conf.SetStringProperty(XMSC.WMQ_SSL_KEY_REPOSITORY, "C:\\ProgramData\\IBM\\MQ\\qmgrs\\QM1\\ssl\\CLIENT");
            conf.SetStringProperty(XMSC.WMQ_SSL_CIPHER_SPEC, "TLS_RSA_WITH_AES_128_CBC_SHA");
            conf.SetStringProperty(XMSC.WMQ_SSL_PEER_NAME, "CN=QM1,OU=QMHOST,OU=LAB,OU=PAS,O=COM,L=BLR,ST=KA,C=IN");
            conf.SetStringProperty(XMSC.WMQ_SSL_CLIENT_CERT_LABEL, "ibmwebspheremqsamantha");

            mqConn = conf.CreateConnection("samantha","Passw0ord");