| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| SSL negotiation issue with mq v6 java client and server |
« View previous topic :: View next topic » |
| Author |
Message
|
| mqwanted |
 Posted: Mon Oct 19, 2009 2:31 pm Post subject: SSL negotiation issue with mq v6 java client and server |
 |
|
Newbie
Joined: 19 Oct 2009
Posts: 6
|
Hi,
MQ upgrade from v5.3 to 6 java mq client causing RC 2009 exception (channel inactive and SSL handshake error at server). I have shown the code below with error in v6 and no error in v5.3. The only difference is the java library files.
-------------------------------------------------------------------------------------
code:
Hashtable props = new java.util.Hashtable();
props.put(MQC.TRANSPORT_PROPERTY,MQC.TRANSPORT_MQSERIES_CLIENT);
props.put(MQC.HOST_NAME_PROPERTY, hostName);
props.put(MQC.PORT_PROPERTY, new Integer(port));
props.put(MQC.CHANNEL_PROPERTY, channel);
props.put(MQC.SSL_CIPHER_SUITE_PROPERTY,"SSL_RSA_WITH_3DES_EDE_CBC_SHA");
MQQueueManager mqQM = new MQQueueManager(queueManager,props);
-------------------------------------------------------------------------------------
V6:
MQBrowseAndDisplay: channelName : Websphere MQ classes for Java V6.0.0
QM start
MQJE001: An MQException occurred: Completion Code 2, Reason 2009
MQJE016: MQ queue manager closed channel immediately during connect
Closure reason = 2009
-------------------------------------------------------------------------------------
V5:
MQBrowseAndDisplay: channelName : Websphere MQ classes for Java V5.3.0
QM start
Initialized start
Opening Queue
Opened Queue
-------------------------------------------------------------------------------------
Please suggest if there is any change needed in server or new parameter to be set in client side - Thx |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Mon Oct 19, 2009 9:55 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Can you connect without SSL?
What userid and passwd are you passing on the client connection? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mqwanted |
| Posted: Tue Oct 20, 2009 6:50 am Post subject: |
|
|
Newbie
Joined: 19 Oct 2009
Posts: 6
|
We need to use SSL and there is no User/Password as we are using SSL.
From the server side we are able to see 2035 reason code and channels are inactive. |
|
| Back to top |
|
|
| mqwanted |
| Posted: Tue Oct 20, 2009 11:54 am Post subject: |
|
|
Newbie
Joined: 19 Oct 2009
Posts: 6
|
Enabled the ssl debug flags and it looks like v5.3 uses TLS but v6 uses SSLv3 for the same cipher suite property
props.put(MQC.SSL_CIPHER_SUITE_PROPERTY,"SSL_RSA_WITH_3DES_EDE_CBC_SHA");
V5.3:
*** ClientHello, TLSv1
main, WRITE: TLSv1 Handshake, length = 45
main, WRITE: SSLv2 client hello message, length = 47
main, READ: TLSv1 Handshake, length = 7214
*** ServerHello, TLSv1
V6.0:
*** ClientHello, SSLv3
RandomCookie: GMT: 1239216513 bytes = { 42, 112, 159, 83, 227, 251, 30, 92, 60, 60, 202, 190, 115, 227, 97, 149, 11, 43, 102, 177, 66, 22, 162, 144, 45, 27, 9, 199 }
main, WRITE: SSLv3 Handshake, length = 45
main, READ: SSLv3 Handshake, length = 7214
*** ServerHello, SSLv3 |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
