Skip to Content
avatar image
Former Member

SSL Connection Issue In JMS Channel

Hi Experts,

I have a scenario to connect to IBM WebSphere MQ using JMS Channel.We are on PI 7.5.

We are able to communicate with MQ without enabling SSL.

But when we enable the SSL in JMS channel, receiving error in the channel "Websphere MQ call failed with compcode '2'(MQCC_FAILED) reason '2393'('MQRC_SSL_INITIALIZATION_ERROR)".

I have followed the below steps to enable SSL

- Set 'SSL Cipher Suite' to 'Other', and 'Other Cipher Suite' to 'TLS_RSA_WITH_AES_256_CBC_SHA'

- Created private Key and certificate under the Key Storage view ICM_SSL_11412

- Generated CSR file by clicking 'Generate CSR Request' and sent .csr file to MQ team

- Imported the signed certificate and the root certificates received from MQ by clicking 'Import CSR Response'

-After importing the certificates, have done 'Export View to PSE'

-Restarted 'SSL Provider' Service

- Set the Additional VM Parameters to -Dcom.ibm.mq.useIBMCipherMapping to 'false'

- Updated crypto policy in the security file to unlimited and restarted the system

crypto.policy=unlimited

Below is the trace, and not able to find more details regarding the error.

Begin IAIK Debug:
ssl_debug(3): Starting handshake (iSaSiLk 5.104)...
ssl_debug(3): Sending v3 client_hello message to 10.41.109.64:2429, requesting version 3.3...
ssl_debug(3): Sending extensions: renegotiation_info (65281), signature_algorithms (13)
ssl_debug(3): Received alert message: Alert Fatal: handshake failure
ssl_debug(3): SSLException while handshaking: Peer sent alert: Alert Fatal: handshake failure
ssl_debug(3): Shutting down SSL layer...
ssl_debug(3): Closing transport...

End IAIK Debug.

Am i missing any configuration ? Has anyone faced similar issue ?

Thanks

Santhi

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Feb 14 at 03:24 PM

    Hi, Same issue here, but with AES_128.. Cipher.

    Will appreciate any help.

    Regards,

    Add comment
    10|10000 characters needed characters exceeded