| Author |
Message
|
| ammx |
 Posted: Sat Aug 04, 2018 7:14 pm Post subject: Connection between MQ and a DB |
 |
|
Acolyte
Joined: 08 Sep 2017
Posts: 50
|
Hi
I get the following error message in the qmgr error logs while trying to connect a DB to MQ
AMQ9639: Remote channel 'Q_SRVR_CHNL' did not specify a CipherSpec.
EXPLANATION:
Remote channel 'Q_SRVR_CHNL' did not specify a CipherSpec when the local
channel expected one to be specified.
The remote host is '........ (xx.xx.xx.xxx)'.
In the remote host i have the svrconn channel configured in the .profile file of the user that is trying to connect
PATH=$PATH:/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:$HOME/lbin:/usr/bin/X11:/sbin:.
export PATH
if [ -s "$MAIL" ] # This is at Shell startup. In normal
then echo "$MAILMSG" # operation, the Shell checks
fi # periodically.
# Added for MQ Client - MQ Server is
#######################################################
export LIBPATH=$LIBPATH:/usr/mqm/java/lib64
export ASNUSEMQCLIENT=TRUE
export MQSERVER=Q_SRVR_CHNL/TCP/'xx.xx.xx.xxx(60120)'
#######################################################
i already checked the remote host IP is fine and the qmgr is listening on port 60120
i tried to do it with CDDT also, but the issue persists
#######################################################
export LIBPATH=$LIBPATH:/usr/mqm/java/lib64
export ASNUSEMQCLIENT=TRUE
export MQCHLLIB=/var/mqm/qmgrs/MQPOK/@ipcc
export MQCHLTAB=AMQCLCHL.TAB
In the application side the error says "2058 (MQRC_Q_MGR_NAME_ERROR)" while issuing the WebSphere MQ command "MQCONN" on object "*".
what am I missing here? |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Sun Aug 05, 2018 9:12 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Can you display the definition of the server connection channel?
Can you display the definition of the client connection channel? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Sun Aug 05, 2018 11:12 am Post subject: Re: Connection between MQ and a DB |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9469
Location: US: west coast, almost. Otherwise, enroute.
|
| ammx wrote: |
AMQ9639: Remote channel 'Q_SRVR_CHNL' did not specify a CipherSpec.
EXPLANATION:
Remote channel 'Q_SRVR_CHNL' did not specify a CipherSpec when the local
channel expected one to be specified.
|
Both ends of an MQ channel must specify the exact same cipher suite.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| ammx |
| Posted: Mon Aug 06, 2018 2:53 pm Post subject: |
|
|
Acolyte
Joined: 08 Sep 2017
Posts: 50
|
this is the definition of the svrconn channel
DIS CHANNEL(Q_SRVR_CHNL) ALL
2 : DIS CHANNEL(QPOK_SRVR_CHNL) ALL
AMQ8414: Display Channel details.
CHANNEL(Q_SRVR_CHNL) CHLTYPE(SVRCONN)
ALTDATE(2018-07-10) ALTTIME(14.21.06)
CERTLABL( ) COMPHDR(NONE)
COMPMSG(NONE)
DESCR()
DISCINT(0) HBINT(300)
KAINT(AUTO) MAXINST(999999999)
MAXINSTC(999999999) MAXMSGL(4194304)
MCAUSER( ) MONCHL(QMGR)
RCVDATA( ) RCVEXIT( )
SCYDATA( ) SCYEXIT( )
SENDDATA( ) SENDEXIT( )
SHARECNV(10) SSLCAUTH(OPTIONAL)
SSLCIPH(TLS_RSA_WITH_AES_128_CBC_SHA256)
SSLPEER( ) TRPTYPE(TCP)
there is no clntconn channel definition on the server but the connection worked fine before setting the SSL just with the svrconn channel
and in the DB side i configured the SSL variables this way
/home/a1incol$ db2 get dbm config|grep -i ssl
SSL server keydb file (SSL_SVR_KEYDB) = /var/mqm/qmgrs/MQ/ssl/key2.kdb
SSL server stash file (SSL_SVR_STASH) = /var/mqm/qmgrs/MQ/ssl/key2.sth
SSL server certificate label (SSL_SVR_LABEL) = mqcert
SSL service name (SSL_SVCENAME) = xxxx<-port
SSL cipher specs (SSL_CIPHERSPECS) = TLS_RSA_WITH_AES_128_CBC_SHA256
SSL versions (SSL_VERSIONS) = TLSV12
SSL client keydb file (SSL_CLNT_KEYDB) = /home/qrepladm/ssl/qrepladm.kdb
SSL client stash file (SSL_CLNT_STASH) = /home/qrepladm/ssl/qrepladm.sth
the port is listening, the certificates are in place in each server, the cipher is the same |
|
| Back to top |
|
|
| gbaddeley |
| Posted: Mon Aug 06, 2018 3:24 pm Post subject: |
|
|
Jedi Knight
Joined: 25 Mar 2003
Posts: 2538
Location: Melbourne, Australia
|
| Quote: |
| In the application side the error says "2058 (MQRC_Q_MGR_NAME_ERROR)" while issuing the WebSphere MQ command "MQCONN" on object "*". |
What exactly is your application? What language is it written in?
| Quote: |
| export MQSERVER=Q_SRVR_CHNL/TCP/'xx.xx.xx.xxx(60120)' |
Remove this if you want to use SSL. MQI Client connection config via MQSERVER environment variable does not support SSL.
_________________
Glenn |
|
| Back to top |
|
|
| ammx |
| Posted: Thu Aug 09, 2018 12:31 pm Post subject: |
|
|
Acolyte
Joined: 08 Sep 2017
Posts: 50
|
| Application is a DB2 that is trying to connect to an MQ |
|
| Back to top |
|
|
| JosephGramig |
| Posted: Thu Aug 16, 2018 10:00 am Post subject: |
|
|
Grand Master
Joined: 09 Feb 2006
Posts: 1244
Location: Gold Coast of Florida, USA
|
You specified three environment variables:
Did you lookup those to find out what they do?
MQSERVER overrides the other two.
Do you know what the other two do?
With those other two set, do you know how to interrogate the CCDT?
Moderator, this question belongs in the topic "General IBM MQ Support". |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu Aug 16, 2018 10:17 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| JosephGramig wrote: |
| Moderator, this question belongs in the topic "General IBM MQ Support". |
So moved
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
