com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'xxx' with connection mode 'yyy' and host name 'zzz'

时间:2017-03-28 16:36:07

标签: ssl connection jms ibm-mq mq

JMS app requires seven parameters to make successful SSL connection with MQ series given here, https://github.com/ibm-messaging/mq-tls-ssl-wizard/blob/master/com.ibm.mq.ssl-wizard/src/tlswizard/samples/SSLSampleJMS.java

的样式

我正在尝试解释这些参数,

  1. Conname-服务器队列管理器的连接名称,格式与MQSC DEFINE CHANNEL命令上的CONNAME参数相同,但未指定端口。

    • 我想这是主机名
  2. 端口 - 服务器队列管理器的连接端口。

    • 这是端口号
  3. SvrconnChannelName - 服务器队列管理器上用于连接示例程序的服务器连接通道的名称。

  4. QMgrName - 服务器队列管理器的名称。

  5. SSLCiph - SSL CipherSpec。

    • 我正在使用SSL_RSA_WITH_AES_256_CBC_SHA。
  6. SSLKeyr - 单个商店的名称,它是密钥库和信任库 我使用mycertfile.cert使用mypassword生成了myjksfile.cek以及下面的命令,并在程序中提供了该文件的路径为" C:\ Users \ abc \ myjksfile.jks",

    • keytool -import -trustcacerts -keystore myjksfile.jks -storepass changeit -noprompt -alias ibmWebSphereMQUTQX -file C:\ mqlib \ mycertfile.cert
  7. SSLKeyrPassword - SSL密钥存储库密码 我用来生成myjksfile.jks文件的密码

  8. 使用这七个参数在程序上运行会导致此异常,

    com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to     
    queue manager 'XXXX' with connection mode 'Client' and host name   
    'xxxx.yyyyyy.com(XXXXX)'.Check the queue manager is started and if running in
    client mode, check there is a listener running. Please see the linked  
    exception for more information. at  
    com.ibm.msg.client.wmq.common.internal.Reason.reasonToException
    (Reason.java:580) at  
    com.ibm.msg.client.wmq.common.internal.Reason.createException
    (Reason.java:216) at com.ibm.msg.client.wmq.internal.WMQConnection.<init> 
    (WMQConnection.java:431) at  
    com.ibm.msg.client.wmq.factories.WMQConnectionFactory.
    createV7ProviderConnection(WMQConnectionFactory.java:6789) at  
    com.ibm.msg.client.wmq.factories.WMQConnectionFactory.
    createProviderConnection(WMQConnectionFactory.java:6157)
    at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.
    createConnection(JmsConnectionFactoryImpl.java:285)
    at com.ibm.mq.jms.MQConnectionFactory.createCommonConnection
    (MQConnectionFactory.java:6126) at      
    com.ibm.mq.jms.MQQueueConnectionFactory.createQueueConnection 
    (MQQueueConnectionFactory.java:115) at  
    SSLSampleJMS.runSample(SSLSampleJMS.java:176)
    at SSLSampleJMS.main(SSLSampleJMS.java:135)
    Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with
    compcode '2' ('MQCC_FAILED') reason '2393' ('MQRC_SSL_INITIALIZATION_ERROR').
    at com.ibm.msg.client.wmq.common.internal.Reason.createException
    (Reason.java:204)... 8 more
    Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393;AMQ9204: Connection to
    host 'xxxx.yyyyyy.com(XXXXX)' rejected.
    [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2393;AMQ9771: SSL handshake failed.
    [1=java.lang.IllegalArgumentException[Cannot support
    SSL_RSA_WITH_AES_256_CBC_SHA with currently installed   
    providers],3=xxxx.yyyyyy.com/XX.XXX.XXX.XXX:XXXXX (xxxx.yyyyyy.com),4=SSLSocket.createSocket,5=default]],3=xxxx.yyyyyy.com(XXXXX),5=RemoteTCPConnection.makeSocketSecure]
    at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2098)
    at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1347)
    at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:350)
    ... 7 more
    Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393;AMQ9771: SSL handshake
    failed. [1=java.lang.IllegalArgumentException[Cannot support
    SSL_RSA_WITH_AES_256_CBC_SHA with currently installed   
    providers],3=xxxx.yyyyyy.com/XX.XXX.XXX.XXX:XXXXX
    (xxxx.yyyyyy.com),4=SSLSocket.createSocket,5=default]
    at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.makeSocketSecure
    (RemoteTCPConnection.java:2001) at com.ibm.mq.jmqi.remote.impl.
    RemoteTCPConnection.connnectUsingLocalAddress(RemoteTCPConnection.java:855)
    at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect
    (RemoteTCPConnection.java:1262) at 
    com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect
    (RemoteConnection.java:714) at  
    com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.
    getSessionFromNewConnection(RemoteConnectionSpecification.java:356)
    at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.
    getSession(RemoteConnectionSpecification.java:265)
    at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.
    getSession(RemoteConnectionPool.java:144)
    at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1709)
    ... 9 more
    Caused by: java.lang.IllegalArgumentException: Cannot support
    SSL_RSA_WITH_AES_256_CBC_SHA with currently installed providers
    at com.ibm.jsse2.o.<init>(o.java:29)
    at com.ibm.jsse2.as.setEnabledCipherSuites(as.java:5)
    at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.makeSocketSecure
    (RemoteTCPConnection.java:1994)
    ... 16 more
    Process finished with exit code 0
    

1 个答案:

答案 0 :(得分:1)

以上异常是导致在JMS clint端使用错误的密码套件的原因。我在客户端使用SSL_RSA_WITH_AES_256_CBC_SHA密码套件并且收到“java.lang.IllegalArgumentException [无法支持 当前已安装的SSL_RSA_WITH_AES_256_CBC_SHA
在JMS客户端使用正确的密码套件(TLS_RSA_WITH_AES_256_CBC_SHA)使JMS客户端和MQ系列之间的握手成功。 参考:http://www-01.ibm.com/support/docview.wss?uid=swg1IV66840