| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| SSL with Jboss and MQ |
« View previous topic :: View next topic » |
| Author |
Message
|
| rmah |
 Posted: Wed May 21, 2008 9:26 am Post subject: SSL with Jboss and MQ |
 |
|
Centurion
Joined: 04 May 2007
Posts: 142
|
Hi all,
I'm getting this error when trying to configure Jboss to connect to MQ:
Remote channel 'BONES.SSL.SVRCONN' did not specify a CipherSpec when the local
channel expected one to be specified. The channel did not start.
ACTION:
Change the remote channel 'BONES.SSL.SVRCONN' to specify a CipherSpec so that
both ends of the channel have matching CipherSpecs.
The server-connection channel on the queue manager, BONES.SSL.SVRCONN, is SSL enabled. I have also setup a client-connection channel, BONES.SSL.CLNTCONN, with SSL enabled. Both channels specify the NULL_SHA CipherSpec.
What is this 'remote channel' the error message talks about? Is it specified somewhere in the Jboss config files?
This is on a Linux system, and the environment variables MQCHLTAB, MQCHLLIB, and MQSSLKEYR have been sourced for the 'jboss' user, the user Jboss runs as.
Thanks! 
_________________
MQ 6.0.2.3
Broker 6.0.0.7
for Linux |
|
| Back to top |
|
 |
| David.Partridge |
| Posted: Wed May 21, 2008 11:23 pm Post subject: |
|
|
Master
Joined: 28 Jun 2001
Posts: 249
|
At least one issue here, the clntconn and svrconn channels must have the same name.
Can't comment on why you're getting that exact message - have you by any horrid chance enable channel auto definition on the QMGR? Don't do that - its a vast security hole waiting to happen.
_________________
Cheers,
David C. Partridge |
|
| Back to top |
|
|
| rmah |
| Posted: Thu May 22, 2008 9:16 am Post subject: |
|
|
Centurion
Joined: 04 May 2007
Posts: 142
|
| David.Partridge wrote: |
At least one issue here, the clntconn and svrconn channels must have the same name.
Can't comment on why you're getting that exact message - have you by any horrid chance enable channel auto definition on the QMGR? Don't do that - its a vast security hole waiting to happen. |
Should the connection name for the client connection be the hostname and port of the queue manager or the host name and port of the application Jboss?
thanks!
_________________
MQ 6.0.2.3
Broker 6.0.0.7
for Linux |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Thu May 22, 2008 6:16 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| rmah wrote: |
| David.Partridge wrote: |
At least one issue here, the clntconn and svrconn channels must have the same name.
Can't comment on why you're getting that exact message - have you by any horrid chance enable channel auto definition on the QMGR? Don't do that - its a vast security hole waiting to happen. |
Should the connection name for the client connection be the hostname and port of the queue manager or the host name and port of the application Jboss?
thanks! |
As specified by David the clntconn and svrconn channels need to be paired.
This pairing is done on the channel name. So clntconn and svrconn need to have the same channel name (case matters).
The clntconn needs to point to the server so the conname of the clntconn should be ('MQ server host(MQ server port)')
Enjoy 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
