| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Error using Policy Set Bindings |
« View previous topic :: View next topic » |
| Author |
Message
|
| BeTheChange |
 Posted: Fri Jun 26, 2015 11:30 am Post subject: Error using Policy Set Bindings |
 |
|
Newbie
Joined: 22 Apr 2014
Posts: 7
|
Hi All,
I'm trying to setup and use a Policy Set & Binding in my IIB Version: 9.0.0.1-IFix.
Went through infocenter and followed all the instructions (ok, most of them; I believe  ). Still, I think I'm missing something here.
I've followed the below steps
## Set the Policy Set (TEST_PS) and Binding (TEST_PSB) in that broker
## Add broker keystore file to broker registry
| Code: |
| mqsichangeproperties USUS0104 -o BrokerRegistry -n brokerKeystoreFile -v /WMBIntegrations/Temp/ServerKS.jks |
## Add broker truststore file to broker registry
| Code: |
| mqsichangeproperties USUS0104 -o BrokerRegistry -n brokerTruststoreFile -v /WMBIntegrations/Temp/ServerTS.jks |
## Stop the broker
## Setup the Keystore & Truststore passwords (devtest is the correct password for both jks files)
| Code: |
mqsisetdbparms USUS0104 -n brokerKeystore::password -u temp -p devtest
mqsisetdbparms USUS0104 -n brokerTruststore::password -u temp -p devtest |
## Start the broker
## Check the BrokerRegistry Settings
| Code: |
mqsireportproperties USUS0104 -o BrokerRegistry -a
BrokerRegistry
uuid='BrokerRegistry'
brokerKeystoreType='JKS'
brokerKeystoreFile='/WMBIntegrations/Temp/ServerKS.jks'
brokerKeystorePass='brokerKeystore::password'
brokerTruststoreType='JKS'
brokerTruststoreFile='/WMBIntegrations/Temp/ServerTS.jks'
brokerTruststorePass='brokerTruststore::password'
brokerCRLFileList=''
httpConnectorPortRange=''
httpsConnectorPortRange=''
brokerKerberosConfigFile=''
brokerKerberosKeytabFile=''
modeExtensions=''
operationMode='advanced'
shortDesc=''
longDesc=''
|
## Deploy the bar file
| Code: |
| mqsideploy USUS0104 -e NA_EG_07 -a /WMBIntegrations/Temp/IC0157_WSS.bar |
Above mqsideploy throws the following error
| Code: |
BIP1039I: Deploying BAR file '/WMBIntegrations/Temp/IC0157_WSS.bar' to broker 'USUS0104' (execution group 'NA_EG_07') ...
BIP1093E: The broker rejected the deployment request and reported the following error(s):
BIP2087E: Broker 'USUS0104' was unable to process the internal configuration message.
The entire internal configuration message failed to be processed successfully.
Use the messages following this message to determine the reasons for the failure. If the problem cannot be resolved after reviewing these messages, contact your IBM Support center. Enabling service trace may help determine the cause of the failure.
BIP4041E: Execution group 'NA_EG_07' received an administration request that encountered an exception.
While attempting to process an administration request, an exception was encountered. No updates have been made to the configuration of the execution group.
Review related error messages to determine why the administration request failed.
BIP3726E: Failed to setup SOAP transport for node SOAP Input.
The SOAP nodes rely on the configuration of the SOAP transport layer within the broker, and this has not been initialised correctly. The node will not be operational until the problems have been corrected.
Determine the cause of the error and correct it. Subsequent error messages may contain more information.
BIP3728E: Configuration of WS-Security layer using policy set 'TEST_PS' and policy set binding 'TEST_PSB' failed.
WS-Security configuration requires correctly initialised policy set and policy set binding information in order to succeed. An error has occurred whilst attempting to use policy set 'TEST_PS' and policy set binding 'TEST_PSB'. Common causes are:
1: Either the policy set name or policy set binding name is missing from the node (or flow) configuration.
2: If X.509 tokens are being used, including implicit usage such as signing or encryption, the keystore and/or truststore is not be set correctly.
However, this may be an internal error, possibly due to a faulty installation. A review of the exception text may indicate a solution.
Determine the cause of the error and correct it. Subsequent error messages may contain more information.
BIP3663E: The broker registry runtime property 'brokerTruststorePass in mqsisetdbparms' required by the policy set or policy set binding 'TEST_PSB' is not defined.
A policy set or policy set binding requires a broker registry runtime property, but the property has not been defined in the broker.
Define the broker registry runtime property in the broker using mqsichangeproperties. Stop and start the message flow or redeploy the bar file depending on the action that caused the initial error.
BIP2871I: The request made by user 'wmbusr' to 'deploy' the resource '/WMBIntegrations/Temp/IC0157_WSS.bar' of type 'BAR' on parent 'NA_EG_07' of type 'ExecutionGroup' has the status of 'FAILED'. |
I tried settting up the brokerTruststore password, restarted the broker and tried the BAR deployment again and again. But getting the same exception.
| Code: |
| mqsisetdbparms USUS0104 -n brokerTruststore::password -u temp -p devtest |
What am I missing here? 
Any help is greatly appreciated.  |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Fri Jun 26, 2015 11:58 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
|
You do realize of course that you want to check that the truststore and keystore you have set up is accessible by the embedded listener at eg level as that is the one used by default by SOAP nodes...
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| BeTheChange |
| Posted: Fri Jun 26, 2015 12:25 pm Post subject: |
|
|
Newbie
Joined: 22 Apr 2014
Posts: 7
|
That was awesome fjb_saper.... 
I realized I'm using the embedded listener; setup the trust & keystore details at EG level HTTPSconnector and it worked.... 
Thank you so much.... |
|
| Back to top |
|
|
| sandeep.nandanwar |
| Posted: Sun Jan 31, 2016 9:44 pm Post subject: |
|
|
Novice
Joined: 21 Jan 2015
Posts: 13
|
Any Idea how this was done..
M facing the same issue.
Really appreciate the response.
Thanks,
Sandeep |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Sun Jan 31, 2016 10:47 pm Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
There are a good number of discussions in this forum about this issue.
Have you looked at them?
I'm sure that at least one will give you pointers as to your next step.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
