Skip to Content
0

SSL Connection Issue In JMS Channel

Jan 15 at 08:10 AM

68

avatar image
Former Member

Hi Experts,

I have a scenario to connect to IBM WebSphere MQ using JMS Channel.We are on PI 7.5.

We are able to communicate with MQ without enabling SSL.

But when we enable the SSL in JMS channel, receiving error in the channel "Websphere MQ call failed with compcode '2'(MQCC_FAILED) reason '2393'('MQRC_SSL_INITIALIZATION_ERROR)".

I have followed the below steps to enable SSL

- Set 'SSL Cipher Suite' to 'Other', and 'Other Cipher Suite' to 'TLS_RSA_WITH_AES_256_CBC_SHA'

- Created private Key and certificate under the Key Storage view ICM_SSL_11412

- Generated CSR file by clicking 'Generate CSR Request' and sent .csr file to MQ team

- Imported the signed certificate and the root certificates received from MQ by clicking 'Import CSR Response'

-After importing the certificates, have done 'Export View to PSE'

-Restarted 'SSL Provider' Service

- Set the Additional VM Parameters to -Dcom.ibm.mq.useIBMCipherMapping to 'false'

- Updated crypto policy in the security file to unlimited and restarted the system

crypto.policy=unlimited

Below is the trace, and not able to find more details regarding the error.

Begin IAIK Debug:
ssl_debug(3): Starting handshake (iSaSiLk 5.104)...
ssl_debug(3): Sending v3 client_hello message to 10.41.109.64:2429, requesting version 3.3...
ssl_debug(3): Sending extensions: renegotiation_info (65281), signature_algorithms (13)
ssl_debug(3): Received alert message: Alert Fatal: handshake failure
ssl_debug(3): SSLException while handshaking: Peer sent alert: Alert Fatal: handshake failure
ssl_debug(3): Shutting down SSL layer...
ssl_debug(3): Closing transport...

End IAIK Debug.

Am i missing any configuration ? Has anyone faced similar issue ?

Thanks

Santhi

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

avatar image
Former Member Feb 14 at 03:24 PM
0

Hi, Same issue here, but with AES_128.. Cipher.

Will appreciate any help.

Regards,

Share
10 |10000 characters needed characters left characters exceeded