| Author |
Message
|
| anand158 |
 Posted: Tue May 09, 2006 8:27 am Post subject: HTTPS RequestNode |
 |
|
Newbie
Joined: 25 May 2005
Posts: 8
|
Hi,
I am working on HTTPS Request node for that its asking for certificates and keystore values can any one tell the exact procedure how to configure message broker for HTTPS Request node |
|
| Back to top |
|
 |
| jefflowrey |
| Posted: Tue May 09, 2006 8:28 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
What does the documentation say?
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| anand158 |
| Posted: Tue May 09, 2006 12:14 pm Post subject: HTTPS Request Node |
|
|
Newbie
Joined: 25 May 2005
Posts: 8
|
The documents is saying to import certificates in to CACERTS file we are not having cerificates with but we have a CACERTS file given by the web service provider if i am replaceing that CACERTS file in this path
MQSI\6.0\jre\lib\security i am getting HAND SHAKING EXCEPTION.
I dont know how to configure Message Broker for HTTPS Request node can you help me in this....
Thanking You,
Anand |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Tue May 09, 2006 12:30 pm Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
|
| Back to top |
|
|
| anand158 |
| Posted: Tue May 09, 2006 1:37 pm Post subject: HTTPS RequestNode |
|
|
Newbie
Joined: 25 May 2005
Posts: 8
|
Hi,
If i am following this procedure its asking for a keystore password where can i found the KeyStore password.
Thanking You
Anand. |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Tue May 09, 2006 1:46 pm Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
|
| Back to top |
|
|
| venkat kurra |
| Posted: Tue Jul 04, 2006 9:17 am Post subject: |
|
|
Master
Joined: 18 Oct 2001
Posts: 245
Location: Bloomington , IL
|
My keytool genarating errors on my workstation. Here are the steps i followed from IBM doc,
"%MQSI_FILEPATH%\jre\bin\keytool" -genkey -keypass password -keystore "D:\Documents and Settings\kurra\.keystore" -alias tomcat
mqsichangeproperties SFB_WMB -b httplistener -o HTTPListener -n enableSSLConnector -v true
mqsichangeproperties SFB_WMB -b httplistener -o HTTPSConnector -n keystoreFile -v "D:\Documents and Settings\kurra\.keystore"
mqsichangeproperties SFB_WMB -b httplistener -o HTTPSConnector -n keystorePass -v xxxxxxx
mqsichangeproperties SFB_WMB -b httplistener -o HTTPSConnector -n port -v 7080
I used a sample httpinput -->httpreply with HTTPS option.
Here is the event viewer application log error,
Event Type: Error
Event Source: WebSphere Broker v6001
Event Category: None
Event ID: 3135
Date: 6/30/2006
Time: 2:39:47 PM
User: N/A
Computer: W2CONTRACTOR01
Description:
( HTTPListener ) An exception occurred while starting the servlet engine connector. Exception text is 'LifecycleException: Protocol handler start failed: java.io.IOException at org.apache.coyote.tomcat5.CoyoteConnector.start(CoyoteConnector.java:1529) at com.ibm.broker.httplistener.TomcatWrapper.startSecureHTTPSConnector(TomcatWrapper.java:128) at com.ibm.broker.httplistener.HTTPListenerManager.run(HTTPListenerManager.java:168) at java.lang.Thread.run(Thread.java:568) '
There are many possible causes of this error. Common causes are:
1: The SSL keystoreFile does not exist or could not be found at the location specified in the 'keystoreFile' property or in the default location of: (<home directory of user-id running the broker>\.keystore)
2: The SSL keystoreFile was found but was accessed with an incorrect password.
3: The SSL key alias in the keystore has a password that is different from the keystore password.
However, this may be an internal error, possibly due to a faulty installation. A review of the exception text may indicate a solution.
Stop the broker and if the exception text does not allow you to solve the problem then you should contact your IBM support center.
I tested same thing on a different workstation and it worked. How can i identify the installation issue?
i checked 1,2 and 3 common causes,
1. .keystore exist under D:\Documents and Settings\kurra
2. I used only one password
3. tomcat uses same password (see above commands)
Any idea?
_________________
Thanks,
Venkat Kurra
IBM Certified Specialist-MQSeries
IBM Websphere MQSeries Administrator
IBM WebSphere Message Broker System Admin |
|
| Back to top |
|
|
| mgk |
| Posted: Wed Jul 05, 2006 12:53 am Post subject: |
|
|
Padawan
Joined: 31 Jul 2003
Posts: 1642
|
Hi,
You explicily set the port to 7080 and I wonder if 7080 is in use already? 7080 is the default for none-ssl traffic...
_________________
MGK
The postings I make on this site are my own and don't necessarily represent IBM's positions, strategies or opinions. |
|
| Back to top |
|
|
| venkat kurra |
| Posted: Wed Jul 05, 2006 8:00 pm Post subject: |
|
|
Master
Joined: 18 Oct 2001
Posts: 245
Location: Bloomington , IL
|
I deleted all execution groups and restarted my workstation (local broker) to make sure 7080 not used by any other service.
I repeated keystore configuration steps one more time. Deployed sample http flow and then the error repeated again.
| Quote: |
| You explicily set the port to 7080 |
mqsichangeproperties SFB_WMB -b httplistener -o HTTPSConnector -n port -v 7080
_________________
Thanks,
Venkat Kurra
IBM Certified Specialist-MQSeries
IBM Websphere MQSeries Administrator
IBM WebSphere Message Broker System Admin |
|
| Back to top |
|
|
|
|
