| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| HTTPRequest Node SSL Connection |
« View previous topic :: View next topic » |
| Author |
Message
|
| SKK |
 Posted: Sat Oct 06, 2012 11:15 pm Post subject: HTTPRequest Node SSL Connection |
 |
|
Acolyte
Joined: 09 May 2005
Posts: 67
|
Hi,
We are using HTTP Request node for HTTP request over SSL.
We havent generated any CSR from our side. We directly got PFX from our partner, which one listed shows 1 entries with 3 chain certficiate. This chain is for Personal Certificate, Intermediate and Trusted root.
We converted this pfx in to jks and used this as keystore in WMB, when we tested, we got getting "java.net.SocketException: Unconnected sockets not implemented" in our WMB exception list.
A Web Service request has detected a SOCKET error whilst invoking a web service located at host &1, on port &2, on path &3. - 1:[[4.0.18.15]]; 2:[[443]]; 3:[[/Autenticator/Service.asmx]]
An error occurred whilst performing an SSL socket operation - 1:[[createSocket]]; 2:[[java.net.SocketException: Unconnected sockets not implemented]]
second option, we extracted certificate by alias from jks and add in cacerts and created a new jks, this worked in WMB, but at partner side its failing and we are getting error response
Then we extracted individually personal,intermediate and Root certificates from pfx certificate.
In this tried two option,
1. We created jks out of pfx, this has 3 chain entries and added intermediate/root explcitly to JKS. but when tested, we got again " unconnected socket not implemented exception"
2. when then created a new jks- add only personal certificate to it and then added intermediate and trusted to cacerts, and we then got error reply from partner - "certificate error basically"
WMB 6.1.0.8 on AIX Server.
Can you please help us in this.
_________________
Regards,
SKK |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Sun Oct 07, 2012 4:25 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
|
| Back to top |
|
|
| SKK |
| Posted: Mon Oct 08, 2012 5:44 am Post subject: |
|
|
Acolyte
Joined: 09 May 2005
Posts: 67
|
Thanks Jeff
Artcile is for WMB v8, We are using WMB v6.1
Anycase, we have created keystore (added personal certificate) and added intermediate/root in cacerts.
we have changed broker properties and mqsisetdbparms
bounced broker as well. still no luck 
_________________
Regards,
SKK |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Mon Oct 08, 2012 11:12 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| SKK wrote: |
Thanks Jeff
Artcile is for WMB v8, We are using WMB v6.1
Anycase, we have created keystore (added personal certificate) and added intermediate/root in cacerts.
we have changed broker properties and mqsisetdbparms
bounced broker as well. still no luck |
Have you verified by any other means, (java etc...) that the certs will work at all? May be you have a bad combination?
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mqjeff |
| Posted: Mon Oct 08, 2012 11:18 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You might need to bounce the broker twice for certs to be picked up.
Particularly at 6.1...
There should be relatively the same information in the v6.1 info center, with a bit of hunting around. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
