Mq Error 2381
Contents |
replies Latest Post - 2013-04-23T18:22:19Z by peterfa Display:ConversationsBy Date 1-12 of 12 Previous Next peterfa 200000234J 38 Posts Pinned topic SSL Channel not working 2013-04-22T12:46:28Z | Tags:
Mq Error 2393
Answered question This question has been answered. Unanswered question This question has compcode: 2, reason: 2393 not been answered yet. I am trying to connect to a queue manager on AIX from a
Mqsslkeyr
windows desktop, using an SSL channel with CipherSpec. The error I am getting is the following message on the queue manager side: AMQ9639: Remote channel 'SSL.SVRCONN' did not mqrc_key_repository_error specify a CipherSpec. I have taken what I believe to be the steps needed to set this up, but I guess I have missed something. I created a SVRCONN channel called SSL.SVRCONN, and specified an SSL Cipher Spec of DES_SHA_EXPORT. I created a CLNTCONN channel of the same name specifying DES_SHA_EXPORT in it also, and copied the file amq9642 AMQCLCHL.TAB from the AIX system to the windows system. I created certificates on both sides, extracted the public part on each side and imported it into the other side. The SSL connection works fine if I do not specify a CipherSpec. The error message is suggesting that I am missing the Cipherspec on the windows side ( which is the remote side ). I have looked at the file AMQCLCHL.TAB with a hex viewer, and I can see that DES_SHA_EXPORT is in there. ( It came from thr CLNTCONN channel I created on the server side ). Does anyone have an idea as to what I might have missed when adding aCipherSpec value on the SVRCONN and CLNTCONN channels ? Log in to reply. Updated on 2014-03-28T16:53:24Z at 2014-03-28T16:53:24Z by Morag Hughson peterfa 200000234J 38 Posts ACCEPTED ANSWER Re: SSL Channel not working 2013-04-23T18:22:19Z Morag Hughson 110000EQPN 2013-04-23T18:12:32Z You're going to have to get in touch with the authors of the program to find out how to mak
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support
Mq Ssl
MQSeries.net Forum Index » IBM MQ Security » MQSERIES SSL w/MQMON issue MQSERIES SSL w/MQMON issue « View previous topic :: mqrc=2393\ View next topic » Author Message gctaz69 Posted: Wed Apr 17, 2013 7:53 am Post subject: MQSERIES SSL w/MQMON issue NewbieJoined: 17 Apr 2013Posts: 3
Amq9637: Channel Is Lacking A Certificate.
I'm unable to connect MQMON to remote qmgr w/SSL I’m getting the error from MQMON: 09:10:52 Error connecting via client to 'QMGR99' RC(2381) SSL Key Repository error The MQ error log provides: 4/17/2013 09:44:52 - Process(3936.122) User(calderong) Program(mqmonntp.exe) Host(NANYDT135) AMQ9660: SSL https://www.ibm.com/developerworks/community/forums/html/topic?id=141eecd0-7c09-467f-bfed-f45739c6cf6e key repository: password stash file absent or unusable. EXPLANATION: The SSL key repository cannot be used because MQ cannot obtain a password to access it. Reasons giving rise to this error include: (a) the key database file and password stash file are not present in the location configured for the key repository, (b) the key database file exists in the correct place but that no password stash file has been created for it, (c) the files are present in the correct http://www.mqseries.net/phpBB2/viewtopic.php?t=64027&sid=0a3e229b4c925b3fd1d9aa85b04a0537 place but the userid under which MQ is running does not have permission to read them, (d) one or both of the files are corrupt. The channel is 'SYSTEM.DEF.SVRCONN'; in some cases its name cannot be determined and so is shown as '????'. The channel did not start. ACTION: Ensure that the key repository variable is set to where the key database file is. Ensure that a password stash file has been associated with the key database file in the same directory, and that the userid under which MQ is running has read access to both files. If both are already present and readable in the correct place, delete and recreate them. Restart the channel. My Setup is: On The Server Side • Created keystore.kdb on MQ server and stashed password • Created self-signed certificate on MQ server • Extracted the public part of a self-signed certificate from a key repository • Updated Qmgr w/keystore location • Set up server connection channel w/SSL CIPHERSPEC “RC4_MD5_US” • Refreshed SSL Security On the MQMON Client side • Created keystore.kdb on MQ server and stashed password • Added previously extracted the public part of a self-signed certificate into key repository • Added remote qmgr location to MQMON. In client config o inserted ssl repository C:\Program Files\IBM\WebSphere MQ\keystore.kdb (the location of the keystore on the local machine) o inserted ssl Cipher Spec “RC4_MD5_US” Back to top fjb_saper Posted: Wed Apr 17, 2013 8:35 pm Post subject: Gr
here for a quick http://stackoverflow.com/questions/14740778/issues-getting-application-to-work-net-webspheremq-ibm-xms-with-ssl overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us mq error Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Issues mq error 2381 getting application to work, .NET WebsphereMQ (IBM.XMS) with SSL up vote 0 down vote favorite 1 I'm trying to connect to a channel for pub/sub by topic. I'm running in unmanaged mode because that's the only mode that supports SSL. I've specified the CIPHER SPEC and KEY_REPO where the key is key.kdb in the same directory as the application (I've also tried the full path to the key store but that doesn't work either). There is an associated key.sth in there contaning the password (encrypted) for using the certificate. Below is the code snippet, less connection strings and other sensitive info. XMSFactoryFactory factoryFactory = XMSFactoryFactory.GetInstance(XMSC.CT_WMQ); IConnectionFactory connectionFactory = factoryFactory.CreateConnectionFactory(); connectionFactory.SetIntProperty(XMSC.WMQ_CONNECTION_MODE, XMSC.WMQ_CM_CLIENT_UNMANAGED); connectionFactory.SetStringProperty(XMSC.WMQ_HOST_NAME, "hostName"); connectionFactory.SetIntProperty(XMSC.WMQ_PORT, 1234); connectionFactory.SetStringProperty(XMSC.WMQ_CHANNEL, "Channel"); connectionFactory.SetStringProperty(XMSC.WMQ_QUEUE_MANAGER, "QueueManager"); connectionFactory.SetStringProperty(XMSC.WMQ_SSL_CIPHER_SPEC, "NULL_SHA"); connectionFactory.SetStringProperty(XMSC.WMQ_SSL_KEY_REPOSITORY, @"key"); connection = co