MQ 配置SSL,连接至队列管理器“QMEMBFE_BOA”失败
最近使用mq需要连接mq服务器通道时使用ssl连接,按网上的教程配置了下,应用程序通过jms连接时,ssl握手失败。详细错误如下:Caused by: com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: 连接至队列管理器“QMEMBFE_BOA”失败,连接方式为“Client”,主机名为“localhost(32001)”。检查队列管理器是否已启动,如果正在以客户机方式运行,那么还要检查是否有侦听器在运行。请参阅链接的异常以获取更多信息。
at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:580)
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:216)
at com.ibm.msg.client.wmq.internal.WMQConnection.(WMQConnection.java:418)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createV7ProviderConnection(WMQConnectionFactory.java:6772)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:6151)
at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createConnection(JmsConnectionFactoryImpl.java:280)
at com.ibm.mq.jms.MQConnectionFactory.createCommonConnection(MQConnectionFactory.java:6138)
at com.ibm.mq.jms.MQQueueConnectionFactory.createQueueConnection(MQQueueConnectionFactory.java:115)
at com.huateng.common.jms.pool.JNDIJMSFactoryImpl$QueueConnectionFactoryBean.createQueueConnection(JNDIJMSFactoryImpl.java:54)
at com.huateng.common.jms.pool.JNDIJMSFactoryImpl.getQueueConnection(JNDIJMSFactoryImpl.java:28)
at com.huateng.common.jms.pool.JMSPool.createNewQueueConnection(JMSPool.java:224)
at com.huateng.common.jms.pool.JMSPool.getQueueConnectionHolder(JMSPool.java:119)
at com.huateng.common.jms.pool.JMSPool.getLongQueueSession(JMSPool.java:87)
at com.huateng.common.jms.pool.JMSPool.getLongQueueSession(JMSPool.java:81)
at com.huateng.common.jms.JMSCommon.readObjectMessage(JMSCommon.java:722)
... 1 more
Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ 调用失败,完成代码为“2”(“MQCC_FAILED”),原因为“2397”(“MQRC_JSSE_ERROR”)。
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:204)
... 14 more
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9204: 与主机 'localhost(32001)' 的连接被拒绝。 [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2397;AMQ9771: SSL 握手失败。 [1=javax.net.ssl.SSLHandshakeException[Remote host closed connection during handshake],3=localhost/127.0.0.1:32001 (localhost),4=SSLSocket.startHandshake,5=default]],3=localhost(32001),5=RemoteTCPConnection.protocolConnect]
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1862)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1144)
at com.ibm.msg.client.wmq.internal.WMQConnection.(WMQConnection.java:337)
... 13 more
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL 握手失败。 [1=javax.net.ssl.SSLHandshakeException[Remote host closed connection during handshake],3=localhost/127.0.0.1:32001 (localhost),4=SSLSocket.startHandshake,5=default]
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1140)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:682)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:347)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:259)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:144)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1491)
... 15 more
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:801)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1110)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection$6.run(RemoteTCPConnection.java:1103)
at java.security.AccessController.doPrivileged(Native Method)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1101)
... 20 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:333)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:782)
... 27 more
配置的过程是:我本来有个ca发的jks,服务器证书 ,里面都有签署者证书和服务器证书。在队列管理器的ssl下指定到该证书库。客户端调用的时候也先调用该证书库,再进行连接。
mq 的通道配置如下 :
dis chl(BILL_SVR_CHL)
1 : dis chl(BILL_SVR_CHL)
AMQ8414: 显示通道细节。
CHANNEL(BILL_SVR_CHL) CHLTYPE(SVRCONN)
ALTDATE(2014-03-31) ALTTIME(15.32.47)
COMPHDR(NONE) COMPMSG(NONE)
DESCR( ) DISCINT(0)
HBINT(300) KAINT(AUTO)
MAXINST(999999999) MAXINSTC(999999999)
MAXMSGL(104857600) MCAUSER( )
MONCHL(QMGR) RCVDATA( )
RCVEXIT( ) SCYDATA( )
SCYEXIT( ) SENDDATA( )
SENDEXIT( ) SHARECNV(10)
SSLCAUTH(OPTIONAL) SSLCIPH(RC4_SHA_US)
SSLPEER( ) TRPTYPE(TCP)
有配置过mq ssl的大神米有,跪求指导。