ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Java / JMS » AMQ9631 Jboss mdb + mq 6027

Post new topic  Reply to topic
 AMQ9631 Jboss mdb + mq 6027 « View previous topic :: View next topic » 
Author Message
moe
PostPosted: Wed Aug 26, 2009 1:38 am    Post subject: AMQ9631 Jboss mdb + mq 6027 Reply with quote

Apprentice

Joined: 05 Sep 2006
Posts: 33
Location: Sydney, Australia
System config:

WebSphere MQ 6.0.2.7 on Solaris 10 SPARC
Jboss AS with matching client libraries, jvm is:

Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_15-b04)
Java HotSpot(TM) Server VM (build 1.5.0_15-b04, mixed mode)

bash-3.00$ gsk7cmd -version
IBM Key Management
Version : 7.0.3.28
Copyright IBM Corp. 1997 - 2006
All Rights Reserved

KJNI
============
@(#)CompanyName: IBM Corporation
@(#)LegalTrademarks: IBM
@(#)FileDescription: IBM Global Security Toolkit
@(#)FileVersion: 7.0.4.20
@(#)InternalName: gskkjni
@(#)LegalCopyright: Licensed Materials - Property of IBM GSKit
(C) Copyright IBM Corp.1995, 2007
All Rights Reserved. US Government Users
Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
@(#)OriginalFilename: libgsk7kjni.so
@(#)ProductName: gsk7d (GoldCoast Build) 080916
@(#)ProductVersion: 7.0.4.20
@(#)ProductInfo: 08/09/11.02:11:07.08/09/16.16:56:58
@(#)CMVCInfo: gsk7d_080911/gsk7d_doc gsk7d_080911/gsk7d_ssl gsk7d_071122/gsk7d_pkg gsk7d_080911/gsk7d_ikm gsk7d_060620/gsk7d_acme gsk7d_080911/gsk7d_cms gsk7d_080721/gsk7d_support


Key repositories on qmgr and client side, both sides configured with public key of internal root ca and their own certs obviously.

The server connection channel is configured with SSLCIPH(TRIPLE_DES_SHA_US), on the client side the the ssl cipher suite is SSL_RSA_WITH_3DES_EDE_CBC_SHA.

Error

If i connect to the queue manager using mq explorer and the same client side key repository, the connection succeeds, when the jboss app server is started, an AMQ9631 is logged:

There is a mismatch between the CipherSpecs on the local and remote ends of
channel 'SSL_CHANNEL'. The channel will not run until this mismatch is
resolved. The CipherSpec required in the local channel definition is
'TRIPLE_DES_SHA_US'. The name of the CipherSpec negotiated during the SSL
handshake is 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'. A code is displayed if the name
of the negotiated CipherSpec cannot be determined.

I read in the manuals that it may have something to do with certificate issuer issuing "Global Server Certificates" which require a higher level of encryption.

When i was setting up the certs and keyrepo's i didnt specifically set any options which may have done this.

Any suggestions?
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Java / JMS » AMQ9631 Jboss mdb + mq 6027
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.