| Author |
Message
|
| sherrylphilip |
 Posted: Tue Oct 27, 2015 12:38 pm Post subject: WMB SOAP Flow with HTTPS |
 |
|
Newbie
Joined: 27 Oct 2015
Posts: 4
|
Hi,
I have a Application that has 3 SOAP Input Node , out of which 2 are regular HTTP and one use HTTPS.
The message flow that uses the HTTPS flow is not recognized in the QA environment in the execution group. I have enabled Embedded Listener on the Broker.
Dev Environment - Flow
mqsireportproperties DEVBROKER -e WA_EG -o HTTPSConnector -r
HTTPSConnector
uuid='HTTPSConnector'
userTraceLevel='none'
traceLevel='none'
userTraceFilter='none'
traceFilter='none'
port='7843'
address=''
maxPostSize=''
acceptCount=''
compressableMimeTypes=''
compression=''
connectionLinger=''
connectionTimeout=''
maxHttpHeaderSize=''
maxKeepAliveRequests=''
maxThreads=''
minSpareThreads=''
noCompressionUserAgents=''
restrictedUserAgents=''
socketBuffer=''
tcpNoDelay=''
explicitlySetPortNumber=''
enableLookups=''
enableMQListener=''
shutdownDelay=''
allowCrossConnectorPolling=''
autoRespondHTTPHEADRequests=''
algorithm=''
clientAuth=''
keystoreFile=''
keystorePass='********'
keystoreType=''
truststoreFile=''
truststorePass='********'
truststoreType=''
sslProtocol=''
ciphers=''
keypass='********'
keyAlias=''
sslSessionTimeout=''
crlFile=''
propagateClientCert=''
sessionCacheSize=''
Connector
cachedSSLSessions='0'
port='7843'
type='Embedded'
URLRegistration
url='/EdiSystemStatusService'
outstandingRequests='0'
UsedBySOAPNNodes='TRUE'
UsedByHTTPNNodes='FALSE'
nodeLabel='SOAP Input'
QA environment :
mqsireportproperties QABROKER -e EDService -o HTTPSConnector -r
HTTPSConnector
uuid='HTTPSConnector'
userTraceLevel='none'
traceLevel='none'
userTraceFilter='none'
traceFilter='none'
port='0'
address=''
maxPostSize=''
acceptCount=''
compressableMimeTypes=''
compression=''
connectionLinger=''
connectionTimeout=''
maxHttpHeaderSize=''
maxKeepAliveRequests=''
maxThreads=''
minSpareThreads=''
noCompressionUserAgents=''
restrictedUserAgents=''
socketBuffer=''
tcpNoDelay=''
explicitlySetPortNumber='7843'
enableLookups=''
enableMQListener=''
shutdownDelay=''
allowCrossConnectorPolling=''
autoRespondHTTPHEADRequests=''
algorithm=''
clientAuth=''
keystoreFile=''
keystorePass='********'
keystoreType=''
truststoreFile=''
truststorePass='********'
truststoreType=''
sslProtocol=''
ciphers=''
keypass='********'
keyAlias=''
sslSessionTimeout=''
crlFile=''
propagateClientCert=''
sessionCacheSize=''
I have checked the soapNodesUseEmbeddedListener and the value is true.
Please advice why this service is not enabled on the QA box. |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Wed Oct 28, 2015 5:02 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Are you sure that port 7843 isn't in use by something else on the QA machine?
Are you sure you deployed the flow that uses HTTPS ?
Are you getting errors in the syslog ?
_________________
chmod -R ugo-wx / |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Oct 28, 2015 5:06 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Where does your https connector get its key/truststore information from? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| sherrylphilip |
| Posted: Wed Oct 28, 2015 5:33 am Post subject: |
|
|
Newbie
Joined: 27 Oct 2015
Posts: 4
|
mqjeff
I dont see anything else use this port 7843 on the other execution groups.
I have deployed the same flow to DEV and QA with https. I am able to access DEV flow using the SOAPUI tool.
fjb_saper
I haven't imported any SSL certs in DEV - but it works there though. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Oct 28, 2015 6:15 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
I'm not just asking about the other EGs.
I'm asking about the *entire* server. netstat -a | grep 7843
_________________
chmod -R ugo-wx / |
|
| Back to top |
|
|
| sherrylphilip |
| Posted: Wed Oct 28, 2015 6:24 am Post subject: |
|
|
Newbie
Joined: 27 Oct 2015
Posts: 4
|
Port 7843 is not listening.
Port 7800 is listening for HTTP
I get nothing back when I run netstat -a | grep 7843
bash-3.2$ netstat -a | grep 7800
tcp 0 0 *.7800 *.* LISTEN
bash-3.2$ netstat -a | grep 7843 |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Oct 28, 2015 1:36 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| sherrylphilip wrote: |
mqjeff
I dont see anything else use this port 7843 on the other execution groups.
I have deployed the same flow to DEV and QA with https. I am able to access DEV flow using the SOAPUI tool.
fjb_saper
I haven't imported any SSL certs in DEV - but it works there though. |
You may not have imported/created any. Are you sure nobody else did?
Hint there is a broker wide scope, a broker listener scope and an e.g. scope.
You will need either the broker wide scope or the e.g. scope.
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| sherrylphilip |
| Posted: Thu Oct 29, 2015 4:21 am Post subject: |
|
|
Newbie
Joined: 27 Oct 2015
Posts: 4
|
fjb_saper,
You are right. The admins did create the certs and they are fine.
In the stderr logs, I have this following error.
2015-10-28 12:51:15.625670 Execution group started. UUID is: '3427501c-4a01-0000
-0080-d392f3cf4200'. Broker is: QABROKER
2015-10-28 12:51:33.781 25 java.lang.Exception: Couldn't start connector on
port java.io.IOException: Keystore was tampered with, or password was incorrect
The admins did verify the keystorepassword. The only thing I have a concern is the certificate for the alias name of the server is incorrect, when the server name is wmbasqa3a.
Alias name: wmbasqa
Creation date: Mar 21, 2012
Entry type: keyEntry
I am trying to use the EG scope and have confirmed that the Embedded listener is working for regular HTTP for this EG. |
|
| Back to top |
|
|
|
|
