Spring MQ SSL Connection Issue

**atlas** · Feb 1st, 2012, 05:27 AM

Hi,

In my application I am connecting MQ using spring. In case of non-SSL connection it works fine. But when I tried SSL connection it is throwing exception. Following are the Spring configuration:

<bean id="JmsTemplate"
class="org.springframework.jms.core.JmsTemplate">
<property name="connectionFactory"
ref="MQcredentialsconnectionFactory" />
<property name="defaultDestinationName" value="${mq.queueName}" />
<property name="explicitQosEnabled" value="true" />
</bean>

<bean id="MQcredentialsconnectionFactory"
class="org.springframework.jms.connection.UserCred entialsConnectionFactoryAdapter">
<property name="targetConnectionFactory"
ref="MQconnectionFactoryparams" />
<property name="username" value="${mq.userName}" />
<property name="password" value="${mq.userPassword}" />
</bean>

<bean id="MQconnectionFactoryparams"
class="com.ibm.mq.jms.MQQueueConnectionFactory">
<property name="transportType" value="${mq.transportType}" />
<property name="queueManager" value="${mq.queueManager}" />
<property name="hostName" value="${mq.hostName}" />
<property name="port" value="${mq.port}" />
<property name="channel" value="${mq.channel}" />
<property name="SSLCipherSuite" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA" />
</bean>

For ssl connection I have added two new properties.
1. <property name="SSLCipherSuite" value="SSL_RSA_WITH_3DES_EDE_CBC_SHA" />
2. javax.net.ssl.trustStore={path to trustStore}

When I run non-SSL and SSL connection in a JAVA standalone class it works fine.
Exception occurs only in case of SSL connection using Spring.

Uncategorized exception occured during JMS processing; nested exception is javax.jms.JMSException: MQJMS2005: failed to create MQQueueManager for 'ent-hubdev1_svc.uk.fid-intl.com:ENTH2D1'; nested exception is com.ibm.mq.MQException: MQJE001: An MQException occurred: Completion Code 2, Reason 2059
MQJE013: Error accessing socket streams

Can somebody help what I am missing here? How can I resolve this issue?

Thanks,
Arun

**Mark Fisher** · Feb 1st, 2012, 06:25 AM

First, please use [ CODE ] and [ CODE /] (without the spaces) to surround code blocks in your posts (makes it easier to read).

I'd recommend googling the error code. It looks like it might be an issue with the referenced Queue Manager not yet being started.

**atlas** · Feb 1st, 2012, 06:30 AM

Hi Mark,

Thanks for your reply. As i said I am able to connect to same Queue Manager from Spring in SSL environment. Also same is accessible from JAVA standalone program both in SSL and non-SSL environment.

Do you see any other reason?

Thanks,
Arun

**Mark Fisher** · Feb 1st, 2012, 06:33 AM

I don't see anything obvious. There must be something different between the configuration you are using in the 2 cases, so I'd check that carefully. Spring is not doing anything other than using what you provide to connect.

**atlas** · Feb 1st, 2012, 06:45 AM

Hi Mark,

I would like to highlight one more thing. I also checked Windows Event Viewer and I found that it is trying to connect host "XYZ" while I am passing host "ABC". In case of non-SSL it works perfectly and connect to provided server.

An early reply would be very helpful.

Thanks,
Arun

**Mark Fisher** · Feb 1st, 2012, 06:51 AM

Like I said, double check your configuration (I'd start with the placeholders). I can't help you with anything else, because Spring is not doing anything other than using what you configure to establish a connection.

**DPR** · Feb 8th, 2012, 07:46 AM

Two options to help diagnose:

- run the spring java app with -Djavax.net.debug=ssl option. This will give a lot of SSL debug output
- check the queue manager log file, see if a connection attempt is even made

I notice you set javax.net.ssl.trustStore, but not javax.net.ssl.trustStorePassword? Is your JKS file password protected?

**DPR** · Feb 8th, 2012, 08:13 AM

Also, read up on TransportType for MQConnectionFactory

http://publib.boulder.ibm.com/infoce... Factory.html

By default the transport type is 0. This is bindings mode. You probably want to set it to 1. This is client (TCP) mode.

Code:

<property name="transportType" value="1" />

**atlas** · Feb 9th, 2012, 03:29 AM

Hi,

This issue is resolved now. It was resolved when I removed environment property javax.net.ssl.trustStore. I am using this property only in standalone java program. In case of websphere I am using websphere's trust store with SSL related certificates imported into it.

Thanks everybody for your responses.

**srirao235** · Aug 20th, 2012, 09:37 PM

Originally Posted by atlas

Hi,

This issue is resolved now. It was resolved when I removed environment property javax.net.ssl.trustStore. I am using this property only in standalone java program. In case of websphere I am using websphere's trust store with SSL related certificates imported into it.

Thanks everybody for your responses.

Hi Atlas,
If we need to pass trust store how to do that? Is there any document on Spring MQ SSL connection setup? I'm trying to explore this option.
Thanks
Sri

Thread: Spring MQ SSL Connection Issue

Thread Tools

Display

Spring MQ SSL Connection Issue

Tags for this Thread

Posting Permissions