Hi Kevin, Kevin.Bowman
I am getting following error while putting a message to IBM MQ
com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
The same Test suite is working without any errors in ITR. However, test suite is failing with the above error when deployed to CVS. Kindly assist me. thanks
I have created MQ asset as follows.
- Added MQ Manager with following details.
- QMName, Hostname, Port number, Channel
- SSL Cipher Suite
- SSL context
- Selected TrustStore and KeyStore
- TrustStore --> TrustAllManager
- Keystore--> Entered keystore path and password
I have verified all the added assets and getting 100% success as follows.
Initializing SSL ContextSuccess: class com.ibm.mq.MQQueueManager
Thanks for your support in advance.
Is your CVS server on the same machine as Workstation? If you had to make some environment or local.properties changes to get MQ SSL to work in your local Workstation, then you will have to also make sure those changes are present on your CVS server.
CVS server and Workstation are on different machines.
I have not done any SSL configurations on local.properties file as I am sending certificate with every request.
The same Test Suite is working with Development MQ's(enabled SSL while putting messages to queue) when deployed on CVS server.
By SSL configurations I'm talking about the steps in this document:
IBM MQ and SSL/TLS
> The same Test Suite is working with Development MQ's(enabled SSL while putting messages to queue) when deployed on CVS server.
Are you trying to say the exact same test works when run from CVS against a different Queue Manager? Is that Queue Manager's SSL configuration, specifically the Cipher Spec, configured the same? When you are testing in Workstation, are you testing against the Queue Manager that works from CVS, or the Queue Manager that does not work from CVS?
Thank you Kevin. Recently we have moved to 10.2 and I forgot to comment "jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768" in java.security file. Post this change, there is no SSL issue.