SSL的IBM MQ连接问题

时间:2019-07-17 18:20:22

标签: java spring jms ibm-mq

我已将所有证书添加到cacerts中。使用来自MQ团队的这些证书和jks,我创建了一个SSLConnectionFactory。并将其传递给Mqconnectionfactory。我添加了VM参数:

u8

我们有无限的JCE策略,JDK 1.8,IBM MQ所有客户端9.0.4.0

示例代码

-Dcom.ibm.mq.cfg.useIBMCipherMappings=false
-Djavax.net.debug=all
-Dcom.ibm.mq.cfg.preferTLS=true

错误如下

private SSLSocketFactory getSocketFactory() {
            KeyStore ks;
            SSLSocketFactory sslSocketFactory = null;

            String keystoreFile = environment.getProperty("ibmmq.keystoreFile");
            String truststoreFile = environment.getProperty("ibmmq.truststoreFile");
            String keystorePassword = environment.getProperty("ibmmq.keystorePassword");
            String trustStorePassword = environment.getProperty("ibmmq.trustStorePassword");

            try {
                ks = KeyStore.getInstance("JKS");
                ks.load(new FileInputStream(keystoreFile), keystorePassword.toCharArray());
                KeyStore trustStore = KeyStore.getInstance("JKS");
                trustStore.load(new FileInputStream(truststoreFile), trustStorePassword.toCharArray());
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(trustStore);
                keyManagerFactory.init(ks, keystorePassword.toCharArray());
                SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
                sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                sslSocketFactory = sslContext.getSocketFactory();
                logger.info("Initialized ssl socket factory... " + sslSocketFactory.toString());

            } catch (KeyStoreException e) {
                logger.error("KeyStoreException on getSocketFactory due to {}", e);
            } catch (NoSuchAlgorithmException e) {
                logger.error("NoSuchAlgorithmException on getSocketFactory due to {}", e);
            } catch (CertificateException e) {
                logger.error("CertificateException on getSocketFactory due to {}", e);
            } catch (FileNotFoundException e) {
                logger.error("FileNotFoundException on getSocketFactory due to {}", e);
            } catch (IOException e) {
                logger.error("IOException on getSocketFactory due to {}", e);
            } catch (UnrecoverableKeyException e) {
                logger.error("UnrecoverableKeyException on getSocketFactory due to {}", e);
            } catch (KeyManagementException e) {
                logger.error("KeyManagementException on getSocketFactory due to {}", e);
            }
            return sslSocketFactory;
        }

    private MQQueueConnectionFactory mqQueueConnectionFactoryBill() {
             MQQueueConnectionFactory mqQueueConnectionFactory = new MQQueueConnectionFactory();

               try {

                   mqQueueConnectionFactory.setHostName(environment.getProperty("ibmmq.host"));
                   mqQueueConnectionFactory.setPort(environment.getProperty("ibmmq.port", Integer.class));
                   mqQueueConnectionFactory.setTransportType(WMQConstants.WMQ_CM_CLIENT);
                   mqQueueConnectionFactory.setCCSID(WMQConstants.CCSID_UTF8);
                   mqQueueConnectionFactory.setChannel(environment.getProperty("ibmmq.channel"));
                   mqQueueConnectionFactory.setQueueManager(environment.getProperty("ibmmq.queue-manager"));
                   mqQueueConnectionFactory.setSSLCipherSuite(environment.getProperty("ibmmq.cipher.suite"));
                   mqQueueConnectionFactory.setSSLSocketFactory(getSocketFactory());
                   mqQueueConnectionFactory.setSSLFipsRequired(false);
                   System.out.println("mqQueueConnectionFactory initialized..!!! ==> " + mqQueueConnectionFactory.toString());
                   //System.out.println("mqQueueConnectionFactory  connection ..!!! ==> " + mqQueueConnectionFactory.createConnection());
                   //System.out.println("mqQueueConnectionFactory ..!!! ==> " + mqQueueConnectionFactory.getClientReconnectOptions());
               } catch (Exception e) {
                    e.printStackTrace();
                }

                return mqQueueConnectionFactory;
        }

    @Bean
        public CachingConnectionFactory cachingConnectionFactory() {
            CachingConnectionFactory cachingConnectionFactory = new CachingConnectionFactory();
            cachingConnectionFactory.setTargetConnectionFactory(userCredentialsConnectionFactoryAdapterBill());
            cachingConnectionFactory.setSessionCacheSize(500);
            cachingConnectionFactory.setCacheProducers(true);
            cachingConnectionFactory.setReconnectOnException(true);
            return cachingConnectionFactory;
        }

    private UserCredentialsConnectionFactoryAdapter userCredentialsConnectionFactoryAdapterBill() {
             UserCredentialsConnectionFactoryAdapter userCredentialsConnectionFactoryAdapter = new UserCredentialsConnectionFactoryAdapter();
             userCredentialsConnectionFactoryAdapter.setUsername(environment.getProperty("ibmmq.username"));
             userCredentialsConnectionFactoryAdapter.setPassword(environment.getProperty("ibmmq.password"));
             userCredentialsConnectionFactoryAdapter.setTargetConnectionFactory(mqQueueConnectionFactoryBill());
             return userCredentialsConnectionFactoryAdapter;
       }
    @Bean
        public SimpleMessageListenerContainer sampleQueueContainer(@Autowired MessageListener listener) {
            SimpleMessageListenerContainer container = new SimpleMessageListenerContainer();
            container.setConnectionFactory(cachingConnectionFactory());
            container.setDestinationName(environment.getProperty("ibmmq.mq.name"));
            container.setMessageListener(listener);
            container.afterPropertiesSet();
            container.start();
            return container;
        } 

0 个答案:

没有答案