| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| SSL Troubles with Client To Server |
« View previous topic :: View next topic » |
| Author |
Message
|
| guenter1978 |
 Posted: Fri Jan 21, 2005 5:07 am Post subject: SSL Troubles with Client To Server |
 |
|
Novice
Joined: 21 Jan 2005
Posts: 12
Location: Austria
|
Hello,
I tried to establish a SSL secured connection from Client to a QueueManager.
If I look into error log I get this errormessage:
| Code: |
21.01.2005 13:52:43
AMQ9641: Ungültiger SSL-Peer-Name, Kanal 'SYSTEM.DEF.SVRCONN', Attribut ''.
ERKLÄRUNG:
Der SSL-Peer-Name für Kanal 'SYSTEM.DEF.SVRCONN' enthält den Attributschlüssel
'' für den vollqualifizierten Namen, der ungültig ist oder nicht unterstützt
wird. Der Kanal wurde nicht gestartet.
AKTION:
Korrigieren Sie den SSL-Peer-Namen für den Kanal. Starten Sie den Kanal erneut.
----- amqrfpta.c : 334 --------------------------------------------------------
|
This message told me, that I am using no valid peername for the channel 'SYSTEM.DEF.SVRCONN'. But if I looked up in 'SSL' Tabsheet of properties dialog of channel 'SYSTEM.DEF.SVRCONN', the checkmark for using only certificates with distinguished names is _not_ checked.
I obtained from globalsign a test certificate. This certificate I add to the queue manager in WebSphere MQ.
The client is a self written programm using delphi and the mqic32.dll.
The code for the connect procedure look like this:
| Code: |
procedure Connect_Remote(const AQueueManager, AHost: string;
const APort: integer; const AChannelName: string; out ACompCode, AReason: MQLONG);
var
lConnect_options: TMQCNO;
lOptions: TMQCD;
lMQSCO: PMQSCO;
lMQAIR: PMQAIR;
lPeerName: string;
begin
setMQCNO_DEFAULT(lConnect_options);
SetMQCD_CLIENT_CONN_DEFAULT(lOptions);
with lOptions do
begin
StrPLCopy(QMgrName, AQueueManager, sizeof(QMgrName));
StrPCopy(ChannelName, 'SYSTEM.DEF.SVRCONN');
StrPLCopy(ConnectionName, AHost + '(' + IntToStr(APort) + ')',
sizeof(ConnectionName));
SSLClientAuth := 1; //Optional Authentication = 1; Required = 0
SSLCipherSpec := 'TRIPLE_DES_SHA_US';
lPeerName := 'CN=123 O=123 OU=123 L=123 ST=123 C=123';
SSLPeerNamePtr:= @lPeerName; // MQPTR; (* Address of SSL peer name *)
SSLPeerNameLength:=length(lPeerName); // MQLONG; (* Length of SSL peer name *)
end;
lConnect_options.ClientConnPtr := @lOptions;
lConnect_options.Version := MQCNO_VERSION_4;
lMQSCO := new(PMQSCO);
lMQSCO^.StrucId := 'SCO ';
lMQSCO^.Version := 1;
lMQSCO^.CryptoHardware := '';
lMQSCO^.KeyRepository := '"C:\Programme\IBM\WebSphere MQ\qmgrs\qmgrs\QM1\ssl\key"';
lMQAIR := new(PMQAIR);
lMQAIR^.AuthInfoConnName := '';
lMQAIR^.AuthInfoType := 1;
lMQAIR^.LDAPPassword := '';
lMQAIR^.LDAPUserNameLength := 0;
lMQAIR^.LDAPUserNameOffset := 0;
lMQAIR^.LDAPUserNamePtr := nil;
lMQAIR^.StrucId := 'AIR ';
lMQAIR^.Version := 1;
lMQSCO^.AuthInfoRecPtr := lMQAIR;
lMQSCO^.AuthInfoRecOffset := 0;
lMQSCO^.AuthInfoRecCount := 1;
lConnect_options.SSLConfigPtr := lMQSCO;
lConnect_options.SSLConfigOffset := 0;
MQCONNX(lOptions.QMgrName, // Connection manager name
lConnect_options, // Connection options
FHconn, // Connection Handle
ACompCode, // Completition Code
AReason); // FReason
end;
|
Can anybody tell me what I am doing wrong?
Perhaps it is useful to know, I am using WebSphere 5.3 CSD01. |
|
| Back to top |
|
 |
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
