on 01-15-2018 8:10 AM
Hi Experts,
I have a scenario to connect to IBM WebSphere MQ using JMS Channel.We are on PI 7.5.
We are able to communicate with MQ without enabling SSL.
But when we enable the SSL in JMS channel, receiving error in the channel "Websphere MQ call failed with compcode '2'(MQCC_FAILED) reason '2393'('MQRC_SSL_INITIALIZATION_ERROR)".
I have followed the below steps to enable SSL
- Set 'SSL Cipher Suite' to 'Other', and 'Other Cipher Suite' to 'TLS_RSA_WITH_AES_256_CBC_SHA'
- Created private Key and certificate under the Key Storage view ICM_SSL_11412
- Generated CSR file by clicking 'Generate CSR Request' and sent .csr file to MQ team
- Imported the signed certificate and the root certificates received from MQ by clicking 'Import CSR Response'
-After importing the certificates, have done 'Export View to PSE'
-Restarted 'SSL Provider' Service
- Set the Additional VM Parameters to -Dcom.ibm.mq.useIBMCipherMapping to 'false'
- Updated crypto policy in the security file to unlimited and restarted the system
crypto.policy=unlimited
Below is the trace, and not able to find more details regarding the error.
Begin IAIK Debug:
ssl_debug(3): Starting handshake (iSaSiLk 5.104)...
ssl_debug(3): Sending v3 client_hello message to 10.41.109.64:2429, requesting version 3.3...
ssl_debug(3): Sending extensions: renegotiation_info (65281), signature_algorithms (13)
ssl_debug(3): Received alert message: Alert Fatal: handshake failure
ssl_debug(3): SSLException while handshaking: Peer sent alert: Alert Fatal: handshake failure
ssl_debug(3): Shutting down SSL layer...
ssl_debug(3): Closing transport...
End IAIK Debug.
Am i missing any configuration ? Has anyone faced similar issue ?
Thanks
Santhi
Hi Guys,
Did you find any solution to this issue?
Regards
K
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, Same issue here, but with AES_128.. Cipher.
Will appreciate any help.
Regards,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.