
Can't connect to WebSphereMQ SSL channel

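  • MQ8. I created two channels, FOO and SYSTEM.ADMIN.SVRCONN, in a new queue manager, MYQMGR.
  • I created a TCP listener on port 1414.
  • I created a kdb and associated files in /var/mqm/qmgrs/MYQMGR/ssl, with a server certificate for the qmgr.
  • I checked that SSLKEYR on the qmgr is set to the correct value: /var/mqm/qmgrs/MYQMGR/ssl/key in my case.
  • I set SSLCIPH on both channels to TLS_RSA_WITH_AES_128_CBC_SHA256.
  • I stopped and started the queue manager.

This being an SSL connection, I expected to be able to use openssl s_client -connect localhost:1414 to check that it works. But I just get: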

CONNECTED(00000003)
140512696194912:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake     failure:s23_lib.c:184:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 249 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

It looks to me like nobody is talking SSL on the port. What am I missing?

See below for the output of DISPLAY LISTENER(*) ALL, DISPLAY QMGR and DISPLAY CHANNEL(*) ALL:

DISPLAY LISTENER(*) ALL
     4 : DISPLAY LISTENER(*) ALL
AMQ8630: Display listener information details.
   LISTENER(ADEP.DEV.LISTENER)             CONTROL(QMGR)
   TRPTYPE(TCP)                            PORT(1414)
   IPADDR( )                               BACKLOG(0)
   DESCR( )                                ALTDATE(2017-01-17)
   ALTTIME(12.00.31)                    
AMQ8630: Display listener information details.
   LISTENER(SYSTEM.DEFAULT.LISTENER.TCP)   CONTROL(MANUAL)
   TRPTYPE(TCP)                            PORT(0)
   IPADDR( )                               BACKLOG(0)
   DESCR( )                                ALTDATE(2017-01-17)
   ALTTIME(12.00.31)   
DISPLAY QMGR
     1 : DISPLAY QMGR
AMQ8408: Display Queue Manager details.
   QMNAME(MYQMGR)                          ACCTCONO(DISABLED)
   ACCTINT(1800)                           ACCTMQI(OFF)
   ACCTQ(OFF)                              ACTIVREC(MSG)
   ACTVCONO(DISABLED)                      ACTVTRC(OFF)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   AUTHOREV(DISABLED)                      CCSID(1208)
   CERTLABL(ibmwebspheremqfoo)             CERTVPOL(ANY)
   CHAD(DISABLED)                          CHADEV(DISABLED)
   CHADEXIT( )                             CHLEV(DISABLED)
   CHLAUTH(DISABLED)                       CLWLDATA( )
   CLWLEXIT( )                             CLWLLEN(100)
   CLWLMRUC(999999999)                     CLWLUSEQ(LOCAL)
   CMDEV(DISABLED)                         CMDLEVEL(800)
   COMMANDQ(SYSTEM.ADMIN.COMMAND.QUEUE)    CONFIGEV(DISABLED)
   CONNAUTH(SYSTEM.DEFAULT.AUTHINFO.IDPWOS)
   CRDATE(2017-01-17)                      CRTIME(12.00.30)
   CUSTOM( )                               DEADQ(DLQ)
   DEFCLXQ(SCTQ)                           DEFXMITQ( )
   DESCR( )                                DISTL(YES)
   INHIBTEV(DISABLED)                      IPADDRV(IPV4)
   LOCALEV(DISABLED)                       LOGGEREV(DISABLED)
   MARKINT(5000)                           MAXHANDS(256)
   MAXMSGL(4194304)                        MAXPROPL(NOLIMIT)
   MAXPRTY(9)                              MAXUMSGS(10000)
   MONACLS(QMGR)                           MONCHL(OFF)
   MONQ(OFF)                               PARENT( )
   PERFMEV(DISABLED)                       PLATFORM(UNIX)
   PSMODE(ENABLED)                         PSCLUS(ENABLED)
   PSNPMSG(DISCARD)                        PSNPRES(NORMAL)
   PSRTYCNT(5)                             PSSYNCPT(IFPER)
   QMID(MYQMGR_2017-01-17_12.00.30)        REMOTEEV(DISABLED)
   REPOS( )                                REPOSNL( )
   REVDNS(ENABLED)                         ROUTEREC(MSG)
   SCHINIT(QMGR)                           SCMDSERV(QMGR)
   SPLCAP(ENABLED)                         SSLCRLNL( )
   SSLCRYP( )                              SSLEV(DISABLED)
   SSLFIPS(NO)                          
   SSLKEYR(/var/mqm/qmgrs/MYQMGR/ssl/key)
   SSLRKEYC(0)                             STATACLS(QMGR)
   STATCHL(OFF)                            STATINT(1800)
   STATMQI(OFF)                            STATQ(OFF)
   STRSTPEV(ENABLED)                       SUITEB(NONE)
   SYNCPT                                  TREELIFE(1800)
   TRIGINT(999999999)                      VERSION(08000004)
   XRCAP(YES)                           
DISPLAY CHANNEL(*) ALL
     2 : DISPLAY CHANNEL(*) ALL
AMQ8414: Display Channel details.
   CHANNEL(FOO)                            CHLTYPE(SVRCONN)
   ALTDATE(2017-01-18)                     ALTTIME(02.36.46)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                        
   DESCR(Channel to Put and Get from AL)
   DISCINT(0)                              HBINT(300)
   KAINT(AUTO)                             MAXINST(999999999)
   MAXINSTC(999999999)                     MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   RCVDATA( )                              RCVEXIT( )
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SHARECNV(10)                            SSLCAUTH(OPTIONAL)
   SSLCIPH(TLS_RSA_WITH_AES_128_CBC_SHA256)
   SSLPEER( )                              TRPTYPE(TCP)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.ADMIN.SVRCONN)           CHLTYPE(SVRCONN)
   ALTDATE(2017-01-18)                     ALTTIME(02.39.40)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                           DESCR( )
   DISCINT(0)                              HBINT(300)
   KAINT(AUTO)                             MAXINST(999999999)
   MAXINSTC(999999999)                     MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   RCVDATA( )                              RCVEXIT( )
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SHARECNV(10)                            SSLCAUTH(OPTIONAL)
   SSLCIPH(TLS_RSA_WITH_AES_128_CBC_SHA256)
   SSLPEER( )                              TRPTYPE(TCP)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.AUTO.RECEIVER)           CHLTYPE(RCVR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHSZ(50)                             CERTLABL( )
   COMPHDR(NONE)                           COMPMSG(NONE)
   DESCR(Auto-defined by)                  HBINT(300)
   KAINT(AUTO)                             MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   MRDATA( )                               MREXIT( )
   MRRTY(10)                               MRTMR(1000)
   MSGDATA( )                              MSGEXIT( )
   NPMSPEED(FAST)                          PUTAUT(DEF)
   RCVDATA( )                              RCVEXIT( )
   RESETSEQ(NO)                            SCYDATA( )
   SCYEXIT( )                              SENDDATA( )
   SENDEXIT( )                             SEQWRAP(999999999)
   SSLCAUTH(REQUIRED)                      SSLCIPH( )
   SSLPEER( )                              STATCHL(QMGR)
   TRPTYPE(TCP)                            USEDLQ(YES)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.AUTO.SVRCONN)            CHLTYPE(SVRCONN)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                           DESCR(Auto-defined by)
   DISCINT(0)                              HBINT(300)
   KAINT(AUTO)                             MAXINST(999999999)
   MAXINSTC(999999999)                     MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   RCVDATA( )                              RCVEXIT( )
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SHARECNV(10)                            SSLCAUTH(REQUIRED)
   SSLCIPH( )                              SSLPEER( )
   TRPTYPE(TCP)                         
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.CLUSRCVR)            CHLTYPE(CLUSRCVR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHHB(0)                              BATCHINT(0)
   BATCHLIM(5000)                          BATCHSZ(50)
   CERTLABL( )                             CLUSNL( )
   CLUSTER( )                              CLWLPRTY(0)
   CLWLRANK(0)                             CLWLWGHT(50)
   COMPHDR(NONE)                           COMPMSG(NONE)
   CONNAME( )                              CONVERT(NO)
   DESCR( )                                DISCINT(6000)
   HBINT(300)                              KAINT(AUTO)
   LOCLADDR( )                             LONGRTY(999999999)
   LONGTMR(1200)                           MAXMSGL(4194304)
   MCANAME( )                              MCATYPE(THREAD)
   MCAUSER( )                              MODENAME( )
   MONCHL(QMGR)                            MRDATA( )
   MREXIT( )                               MRRTY(10)
   MRTMR(1000)                             MSGDATA( )
   MSGEXIT( )                              NETPRTY(0)
   NPMSPEED(FAST)                          PROPCTL(COMPAT)
   PUTAUT(DEF)                             RCVDATA( )
   RCVEXIT( )                              RESETSEQ(NO)
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SEQWRAP(999999999)                      SHORTRTY(10)
   SHORTTMR(60)                            SSLCAUTH(REQUIRED)
   SSLCIPH( )                              SSLPEER( )
   STATCHL(QMGR)                           TPNAME( )
   TRPTYPE(TCP)                            USEDLQ(YES)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.CLUSSDR)             CHLTYPE(CLUSSDR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHHB(0)                              BATCHINT(0)
   BATCHLIM(5000)                          BATCHSZ(50)
   CLUSNL( )                               CLUSTER( )
   CLWLPRTY(0)                             CLWLRANK(0)
   CLWLWGHT(50)                            COMPHDR(NONE)
   COMPMSG(NONE)                           CONNAME( )
   CONVERT(NO)                             DESCR( )
   DISCINT(6000)                           HBINT(300)
   KAINT(AUTO)                             LOCLADDR( )
   LONGRTY(999999999)                      LONGTMR(1200)
   MAXMSGL(4194304)                        MCANAME( )
   MCATYPE(THREAD)                         MCAUSER( )
   MODENAME( )                             MONCHL(QMGR)
   MSGDATA( )                              MSGEXIT( )
   NPMSPEED(FAST)                          PASSWORD( )
   PROPCTL(COMPAT)                         RCVDATA( )
   RCVEXIT( )                              RESETSEQ(NO)
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SEQWRAP(999999999)                      SHORTRTY(10)
   SHORTTMR(60)                            SSLCIPH( )
   SSLPEER( )                              STATCHL(QMGR)
   TPNAME( )                               TRPTYPE(TCP)
   USEDLQ(YES)                             USERID( )
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.RECEIVER)            CHLTYPE(RCVR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHSZ(50)                             CERTLABL( )
   COMPHDR(NONE)                           COMPMSG(NONE)
   DESCR( )                                HBINT(300)
   KAINT(AUTO)                             MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   MRDATA( )                               MREXIT( )
   MRRTY(10)                               MRTMR(1000)
   MSGDATA( )                              MSGEXIT( )
   NPMSPEED(FAST)                          PUTAUT(DEF)
   RCVDATA( )                              RCVEXIT( )
   RESETSEQ(NO)                            SCYDATA( )
   SCYEXIT( )                              SENDDATA( )
   SENDEXIT( )                             SEQWRAP(999999999)
   SSLCAUTH(REQUIRED)                      SSLCIPH( )
   SSLPEER( )                              STATCHL(QMGR)
   TRPTYPE(TCP)                            USEDLQ(YES)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.REQUESTER)           CHLTYPE(RQSTR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHSZ(50)                             CERTLABL( )
   COMPHDR(NONE)                           COMPMSG(NONE)
   CONNAME( )                              DESCR( )
   HBINT(300)                              KAINT(AUTO)
   LOCLADDR( )                             MAXMSGL(4194304)
   MCANAME( )                              MCATYPE(PROCESS)
   MCAUSER( )                              MODENAME( )
   MONCHL(QMGR)                            MRDATA( )
   MREXIT( )                               MRRTY(10)
   MRTMR(1000)                             MSGDATA( )
   MSGEXIT( )                              NPMSPEED(FAST)
   PASSWORD( )                             PUTAUT(DEF)
   RCVDATA( )                              RCVEXIT( )
   RESETSEQ(NO)                            SCYDATA( )
   SCYEXIT( )                              SENDDATA( )
   SENDEXIT( )                             SEQWRAP(999999999)
   SSLCAUTH(REQUIRED)                      SSLCIPH( )
   SSLPEER( )                              STATCHL(QMGR)
   TPNAME( )                               TRPTYPE(TCP)
   USEDLQ(YES)                             USERID( )
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.SENDER)              CHLTYPE(SDR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHHB(0)                              BATCHINT(0)
   BATCHLIM(5000)                          BATCHSZ(50)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                           CONNAME( )
   CONVERT(NO)                             DESCR( )
   DISCINT(6000)                           HBINT(300)
   KAINT(AUTO)                             LOCLADDR( )
   LONGRTY(999999999)                      LONGTMR(1200)
   MAXMSGL(4194304)                        MCANAME( )
   MCATYPE(PROCESS)                        MCAUSER( )
   MODENAME( )                             MONCHL(QMGR)
   MSGDATA( )                              MSGEXIT( )
   NPMSPEED(FAST)                          PASSWORD( )
   PROPCTL(COMPAT)                         RCVDATA( )
   RCVEXIT( )                              RESETSEQ(NO)
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SEQWRAP(999999999)                      SHORTRTY(10)
   SHORTTMR(60)                            SSLCIPH( )
   SSLPEER( )                              STATCHL(QMGR)
   TPNAME( )                               TRPTYPE(TCP)
   USEDLQ(YES)                             USERID( )
   XMITQ( )                             
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.SERVER)              CHLTYPE(SVR)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   BATCHHB(0)                              BATCHINT(0)
   BATCHLIM(5000)                          BATCHSZ(50)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                           CONNAME( )
   CONVERT(NO)                             DESCR( )
   DISCINT(6000)                           HBINT(300)
   KAINT(AUTO)                             LOCLADDR( )
   LONGRTY(999999999)                      LONGTMR(1200)
   MAXMSGL(4194304)                        MCANAME( )
   MCATYPE(PROCESS)                        MCAUSER( )
   MODENAME( )                             MONCHL(QMGR)
   MSGDATA( )                              MSGEXIT( )
   NPMSPEED(FAST)                          PASSWORD( )
   PROPCTL(COMPAT)                         RCVDATA( )
   RCVEXIT( )                              RESETSEQ(NO)
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SEQWRAP(999999999)                      SHORTRTY(10)
   SHORTTMR(60)                            SSLCAUTH(REQUIRED)
   SSLCIPH( )                              SSLPEER( )
   STATCHL(QMGR)                           TPNAME( )
   TRPTYPE(TCP)                            USEDLQ(YES)
   USERID( )                               XMITQ( )
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.SVRCONN)             CHLTYPE(SVRCONN)
   ALTDATE(2017-01-17)                     ALTTIME(12.00.31)
   CERTLABL( )                             COMPHDR(NONE)
   COMPMSG(NONE)                           DESCR( )
   DISCINT(0)                              HBINT(300)
   KAINT(AUTO)                             MAXINST(999999999)
   MAXINSTC(999999999)                     MAXMSGL(4194304)
   MCAUSER( )                              MONCHL(QMGR)
   RCVDATA( )                              RCVEXIT( )
   SCYDATA( )                              SCYEXIT( )
   SENDDATA( )                             SENDEXIT( )
   SHARECNV(10)                            SSLCAUTH(REQUIRED)
   SSLCIPH( )                              SSLPEER( )
   TRPTYPE(TCP)                         
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.CLNTCONN)            CHLTYPE(CLNTCONN)
   AFFINITY(PREFERRED)                     ALTDATE(2017-01-17)
   ALTTIME(12.00.31)                       CERTLABL( )
   CLNTWGHT(0)                             COMPHDR(NONE)
   COMPMSG(NONE)                           CONNAME( )
   DEFRECON(NO)                            DESCR( )
   HBINT(300)                              KAINT(AUTO)
   LOCLADDR( )                             MAXMSGL(4194304)
   MODENAME( )                             PASSWORD( )
   QMNAME( )                               RCVDATA( )
   RCVEXIT( )                              SCYDATA( )
   SCYEXIT( )                              SENDDATA( )
   SENDEXIT( )                             SHARECNV(10)
   SSLCIPH( )                              SSLPEER( )
   TPNAME( )                               TRPTYPE(TCP)
   USERID( )                            

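Does the CERTLABL ibmwebspheremqfoo match the label of the certificate in the key.kdb file? If not, either update the CERTLABL value to match, or rename the certificate label in key.kdb to match.

Does the key.kdb file contain the full issuer certificate chain (for example: root and intermediate certificates)? If it does not, make sure the full chain is included in key.kdb. Make sure you issue the REFRESH SECURITY TYPE(SSL) command after making any updates to key.kdb; this forces MQ to re-read the file.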
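
Added example (not part of the original question or answer, and not IBM code): a small parser for the runmqsc DISPLAY output shown above. It pulls out the values the answer says to compare against key.kdb, and also lists each channel's SSLCIPH. The names parse_mqsc and tls_summary are hypothetical; the sample is a trimmed, constructed excerpt of the question's output. It assumes MQ 8 behaviour, where SSLKEYR is the file stem without .kdb and a blank channel CERTLABL falls back to the queue manager's label.

```python
import re

# Constructed sample: trimmed excerpt of the DISPLAY output in the question.
SAMPLE = """\
     1 : DISPLAY QMGR
AMQ8408: Display Queue Manager details.
   QMNAME(MYQMGR)                          ACCTCONO(DISABLED)
   CERTLABL(ibmwebspheremqfoo)             CERTVPOL(ANY)
   SSLKEYR(/var/mqm/qmgrs/MYQMGR/ssl/key)
DISPLAY CHANNEL(*) ALL
     2 : DISPLAY CHANNEL(*) ALL
AMQ8414: Display Channel details.
   CHANNEL(FOO)                            CHLTYPE(SVRCONN)
   CERTLABL( )                             COMPHDR(NONE)
   SHARECNV(10)                            SSLCAUTH(OPTIONAL)
   SSLCIPH(TLS_RSA_WITH_AES_128_CBC_SHA256)
AMQ8414: Display Channel details.
   CHANNEL(SYSTEM.DEF.SVRCONN)             CHLTYPE(SVRCONN)
   CERTLABL( )                             SSLCAUTH(REQUIRED)
   SSLCIPH( )                              SSLPEER( )
"""

ATTR = re.compile(r"([A-Z0-9]+)\(([^)]*)\)")
ECHO = re.compile(r"^\s*(\d+ : )?DISPLAY\b")  # command echo lines

def parse_mqsc(text):
    """Return one attribute dict per AMQnnnn record in DISPLAY output."""
    records = []
    for line in text.splitlines():
        if ECHO.match(line):
            continue                  # would otherwise yield CHANNEL='*'
        if re.match(r"AMQ\d{4}", line):
            records.append({})
        elif records:
            for key, value in ATTR.findall(line):
                records[-1][key] = value.strip()
    return records

def tls_summary(records):
    """Collect the settings to compare against the key database."""
    qmgr = next(r for r in records if "QMNAME" in r)
    kdb = qmgr["SSLKEYR"] + ".kdb"    # assumption: SSLKEYR is the stem
    channels = {}
    for r in records:
        if "CHANNEL" in r:
            channels[r["CHANNEL"]] = {
                "cipher": r.get("SSLCIPH", ""),
                # assumption: blank channel CERTLABL uses the qmgr label
                "label": r.get("CERTLABL") or qmgr["CERTLABL"],
            }
    return {"kdb": kdb, "qmgr_label": qmgr["CERTLABL"], "channels": channels}

if __name__ == "__main__":
    s = tls_summary(parse_mqsc(SAMPLE))
    print("key database:", s["kdb"])
    for name, c in s["channels"].items():
        state = c["cipher"] or "no SSLCIPH set"
        print(f"{name}: label={c['label']} cipher={state}")
```

The labels it reports can then be compared with the labels listed by runmqakm -cert -list -db <kdb path> -stashed.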
