Announcement Announcement Module
Collapse
No announcement yet.
Spring MQ SSL Connection Issue Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring MQ SSL Connection Issue

    Hi,

    In my application I am connecting MQ using spring. In case of non-SSL connection it works fine. But when I tried SSL connection it is throwing exception. Following are the Spring configuration:

    <bean id="JmsTemplate"
    class="org.springframework.jms.core.JmsTemplate">
    <property name="connectionFactory"
    ref="MQcredentialsconnectionFactory" />
    <property name="defaultDestinationName" value="${mq.queueName}" />
    <property name="explicitQosEnabled" value="true" />
    </bean>

    <bean id="MQcredentialsconnectionFactory"
    class="org.springframework.jms.connection.UserCred entialsConnectionFactoryAdapter">
    <property name="targetConnectionFactory"
    ref="MQconnectionFactoryparams" />
    <property name="username" value="${mq.userName}" />
    <property name="password" value="${mq.userPassword}" />
    </bean>

    <bean id="MQconnectionFactoryparams"
    class="com.ibm.mq.jms.MQQueueConnectionFactory">
    <property name="transportType" value="${mq.transportType}" />
    <property name="queueManager" value="${mq.queueManager}" />
    <property name="hostName" value="${mq.hostName}" />
    <property name="port" value="${mq.port}" />
    <property name="channel" value="${mq.channel}" />
    <property name="SSLCipherSuite" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA" />
    </bean>

    For ssl connection I have added two new properties.
    1. <property name="SSLCipherSuite" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA" />
    2. javax.net.ssl.trustStore={path to trustStore}

    When I run non-SSL and SSL connection in a JAVA standalone class it works fine.
    Exception occurs only in case of SSL connection using Spring.

    Uncategorized exception occured during JMS processing; nested exception is javax.jms.JMSException: MQJMS2005: failed to create MQQueueManager for 'ent-hubdev1_svc.uk.fid-intl.com:ENTH2D1'; nested exception is com.ibm.mq.MQException: MQJE001: An MQException occurred: Completion Code 2, Reason 2059
    MQJE013: Error accessing socket streams


    Can somebody help what I am missing here? How can I resolve this issue?

    Thanks,
    Arun

  • #2
    First, please use [ CODE ] and [ CODE /] (without the spaces) to surround code blocks in your posts (makes it easier to read).

    I'd recommend googling the error code. It looks like it might be an issue with the referenced Queue Manager not yet being started.

    Comment


    • #3
      Hi Mark,

      Thanks for your reply. As i said I am able to connect to same Queue Manager from Spring in SSL environment. Also same is accessible from JAVA standalone program both in SSL and non-SSL environment.

      Do you see any other reason?

      Thanks,
      Arun

      Comment


      • #4
        I don't see anything obvious. There must be something different between the configuration you are using in the 2 cases, so I'd check that carefully. Spring is not doing anything other than using what you provide to connect.

        Comment


        • #5
          Hi Mark,

          I would like to highlight one more thing. I also checked Windows Event Viewer and I found that it is trying to connect host "XYZ" while I am passing host "ABC". In case of non-SSL it works perfectly and connect to provided server.

          An early reply would be very helpful.

          Thanks,
          Arun

          Comment


          • #6
            Like I said, double check your configuration (I'd start with the placeholders). I can't help you with anything else, because Spring is not doing anything other than using what you configure to establish a connection.

            Comment


            • #7
              Two options to help diagnose:

              - run the spring java app with -Djavax.net.debug=ssl option. This will give a lot of SSL debug output
              - check the queue manager log file, see if a connection attempt is even made

              I notice you set javax.net.ssl.trustStore, but not javax.net.ssl.trustStorePassword? Is your JKS file password protected?

              Comment


              • #8
                Also, read up on TransportType for MQConnectionFactory

                http://publib.boulder.ibm.com/infoce...onFactory.html

                By default the transport type is 0. This is bindings mode. You probably want to set it to 1. This is client (TCP) mode.

                Code:
                <property name="transportType" value="1" />

                Comment


                • #9
                  Hi,

                  This issue is resolved now. It was resolved when I removed environment property javax.net.ssl.trustStore. I am using this property only in standalone java program. In case of websphere I am using websphere's trust store with SSL related certificates imported into it.

                  Thanks everybody for your responses.

                  Comment


                  • #10
                    Originally posted by atlas View Post
                    Hi,

                    This issue is resolved now. It was resolved when I removed environment property javax.net.ssl.trustStore. I am using this property only in standalone java program. In case of websphere I am using websphere's trust store with SSL related certificates imported into it.

                    Thanks everybody for your responses.
                    Hi Atlas,
                    If we need to pass trust store how to do that? Is there any document on Spring MQ SSL connection setup? I'm trying to explore this option.
                    Thanks
                    Sri

                    Comment

                    Working...
                    X