Service Virtualization

  • Private Community

  • 1.  Getting (MQCC_FAILED), Reason Code 2397 (MQRC_JSSE_ERROR) error

    Posted Apr 09, 2018 08:13 PM

    Hi Kevin, Kevin.Bowman

    I am getting following error while putting a message to IBM MQ

    Error Message:

    com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

     

    The same Test suite is working without any errors in ITR. However, test suite is failing with the above error when deployed to CVS. Kindly assist me. thanks

     

    I have created MQ asset as follows.

    - Added MQ Manager with following details.

        - QMName, Hostname, Port number, Channel

        - SSL Cipher Suite 

        - SSL context 

             - Selected TrustStore and KeyStore

       - TrustStore --> TrustAllManager 

       - Keystore--> Entered keystore path and password

     

    I have verified all the added assets and getting 100% success as follows. 

    Initializing SSL Context
    Success: class com.ibm.mq.MQQueueManager

     

    Thanks for your support in advance.

     

    Regards,
    Narasimha.



  • 2.  Re: Getting (MQCC_FAILED), Reason Code 2397 (MQRC_JSSE_ERROR) error

    Posted Apr 09, 2018 10:56 PM

    Is your CVS server on the same machine as Workstation?  If you had to make some environment or local.properties changes to get MQ SSL to work in your local Workstation, then you will have to also make sure those changes are present on your CVS server.



  • 3.  Re: Getting (MQCC_FAILED), Reason Code 2397 (MQRC_JSSE_ERROR) error

    Posted Apr 10, 2018 03:37 AM

    Hi Kevin,

    CVS server and Workstation are on different machines. 

    I have not done any SSL configurations on local.properties file as I am sending certificate with every request.

    The same Test Suite is working with Development MQ's(enabled SSL while putting messages to queue)  when deployed on CVS server.

     

     

    Thanks,

    Narasimha.



  • 4.  Re: Getting (MQCC_FAILED), Reason Code 2397 (MQRC_JSSE_ERROR) error
    Best Answer

    Posted Apr 10, 2018 09:20 AM

    By SSL configurations I'm talking about the steps in this document:

    IBM MQ and SSL/TLS 

     

    > The same Test Suite is working with Development MQ's(enabled SSL while putting messages to queue) when deployed on CVS server.

     

    Are you trying to say the exact same test works when run from CVS against a different Queue Manager?  Is that Queue Manager's SSL configuration, specifically the Cipher Spec, configured the same?  When you are testing in Workstation, are you testing against the Queue Manager that works from CVS, or the Queue Manager that does not work from CVS?



  • 5.  Re: Getting (MQCC_FAILED), Reason Code 2397 (MQRC_JSSE_ERROR) error

    Posted Apr 15, 2018 09:10 PM

    Thank you Kevin. Recently we have moved to 10.2 and I forgot to comment "jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768" in java.security file. Post this change, there is no SSL issue.