个人中心
文章发布
退出
作者热门文章
- Java 双重比较
- java - 比较器与 Apache BeanComparator
- Objective-C 完成 block 导致额外的方法调用?
- database - RESTful URI 是否应该公开数据库主键?
25
4
我正在尝试使用我的 Java 代码设置一个 2 路 SSl。我以一种方式成功地做到了这一点,即从我这边验证了服务器证书,但是当涉及到两种方式时,我得到了 2397 错误代码。
我遵循的步骤是:
然后我尝试运行我的 java 代码。这在没有 SSL 或单向 SSL 的情况下工作正常。但如果失败则双向握手。下面是代码和堆栈跟踪:
//code to create MQ connectivity
public static void main(String [] args){
System.setProperty("javax.net.debug","ssl");
//keystore path
System.setProperty("javax.net.ssl.keyStore", "C:/keystores/keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
//trsutstore path
System.setProperty("javax.net.ssl.trustStore", "C:/keystores/truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
//cipher spec
MQEnvironment.sslCipherSuite = "SSL_RSA_WITH_NULL_MD5";
MQEnvironment.hostname = "*****-ws3717";//system name
MQEnvironment.port = 1414;
MQEnvironment.channel = "channel_name";//channel name
MQQueueManager qm = null;
try { qm = new MQQueueManager("QMNGR");
System.out.println("Conn Successs!!!");
} catch (MQException e) {
e.printStackTrace();
}
finally {
try {
qm.disconnect();
} catch (Exception e) {
e.printStackTrace();
e.getCause();
}
}
} }
堆栈轨迹如下:
keyStore is : C:/keystores/keystore.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : selfsigned
chain [0] = [
[
Version: V3
Subject: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 132473562370742919150140985227175013875110053845431438145351913928668686945002725183702560702247749924970161010103451411451345824467592557656888776558245848713650717773344294766986771753500118311618188922138349812131167438364266468003061810102502957510761089213138803410346480285664890149111581898928681089463
public exponent: 65537
Validity: [From: Fri May 25 13:54:00 IST 2012,
To: Sat May 25 13:54:00 IST 2013]
Issuer: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
SerialNumber: [ 4fbf41a0]
]
Algorithm: [MD5withRSA]
Signature:
0000: 46 D0 CC DF AB 5F 6F D3 37 33 E1 64 F7 1B F7 3F F...._o.73.d...?
0010: 98 95 06 09 F9 84 C8 3A 65 CF A7 24 BB 46 95 DF .......:e..$.F..
0020: 8B 30 F2 BC 5C F9 CC 31 E4 36 53 43 BB 50 1B EF .0..\..1.6SC.P..
0030: 8C 9B DB C0 41 C9 2C 37 AD B6 1D 30 BF 6E 75 E4 ....A.,7...0.nu.
0040: A9 05 E7 30 5A B1 30 84 6B 8E B7 7A 83 2D 33 01 ...0Z.0.k..z.-3.
0050: A1 44 86 A0 11 30 C3 4D 5B 68 7E 0B 09 48 03 CC .D...0.M[h...H..
0060: DF C5 97 AD 87 40 DC 2A 9A 3D ED FC 27 D3 8B 4F .....@.*.=..'..O
0070: F0 21 02 E8 62 6B 05 63 57 BB E8 4D 33 EA 35 9E .!..bk.cW..M3.5.
]
***
trustStore is: C:\keystores\truststore.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Issuer: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Algorithm: RSA; Serial number: 0x4fbf4261
Valid from Fri May 25 13:57:13 IST 2012 until Sat May 25 13:57:13 IST 2013
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, SSLv3
RandomCookie: GMT: 1321485794 bytes = { 138, 193, 95, 113, 86, 252, 250, 50, 154, 121, 73, 8, 93, 116, 115, 184, 182, 142, 240, 205, 15, 250, 172, 171, 111, 5, 122, 52 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_NULL_MD5]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
***
main, WRITE: SSLv3 Handshake, length = 52
main, READ: SSLv3 Handshake, length = 4875
*** ServerHello, SSLv3
RandomCookie: GMT: 1321485794 bytes = { 250, 173, 248, 90, 241, 136, 107, 119, 99, 92, 80, 19, 223, 223, 152, 131, 216, 115, 242, 56, 198, 135, 156, 111, 210, 234, 220, 103 }
Session ID: {240, 31, 0, 0, 80, 56, 194, 89, 112, 238, 203, 154, 79, 75, 68, 48, 106, 203, 19, 130, 88, 88, 88, 88, 226, 70, 196, 79, 13, 0, 0, 0}
Cipher Suite: SSL_RSA_WITH_NULL_MD5
Compression Method: 0
***
Warning: No renegotiation indication extension in ServerHello
%% Created: [Session-1, SSL_RSA_WITH_NULL_MD5]
** SSL_RSA_WITH_NULL_MD5
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 105605049659295333895264877648371480987144339115417104117025065956957634413900327625548229515098843172709660865042903412409581107015480309223474293490705595126088958625491899627683399717294708677347640098462040771799700233921554682196524988217754821345297656825451441457385676164016790486091736694366149540953
public exponent: 65537
Validity: [From: Fri May 25 13:57:13 IST 2012,
To: Sat May 25 13:57:13 IST 2013]
Issuer: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
SerialNumber: [ 4fbf4261]
]
Algorithm: [MD5withRSA]
Signature:
0000: 81 F5 2C 2A 77 63 F1 CD D8 31 E1 BE B5 9B 28 C5 ..,*wc...1....(.
0010: 6B EA 24 BB 5C 3D EB D0 EB E3 86 2E D7 1C 0D 92 k.$.\=..........
0020: 36 A2 79 13 BC 74 40 C4 BF 7C F7 1B 05 8C 6B CF 6.y..t@.......k.
0030: EB 2C C2 0D E3 40 F7 F0 95 66 B6 85 AE 84 66 C9 .,...@...f....f.
0040: B7 C5 29 BE 71 1F 28 C0 83 1C 94 41 08 2A 44 45 ..).q.(....A.*DE
0050: 99 FD C5 77 28 26 FC 50 A3 69 32 BD F5 8B 0C A6 ...w(&.P.i2.....
0060: 13 21 0F BA B2 C6 A2 71 18 17 94 31 3B 7E 88 63 .!.....q...1;..c
0070: C0 01 76 DC 60 47 BB 3F 2F 7E 2A 73 84 DA 60 79 ..v.`G.?/.*s..`y
]
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 105605049659295333895264877648371480987144339115417104117025065956957634413900327625548229515098843172709660865042903412409581107015480309223474293490705595126088958625491899627683399717294708677347640098462040771799700233921554682196524988217754821345297656825451441457385676164016790486091736694366149540953
public exponent: 65537
Validity: [From: Fri May 25 13:57:13 IST 2012,
To: Sat May 25 13:57:13 IST 2013]
Issuer: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
SerialNumber: [ 4fbf4261]
]
Algorithm: [MD5withRSA]
Signature:
0000: 81 F5 2C 2A 77 63 F1 CD D8 31 E1 BE B5 9B 28 C5 ..,*wc...1....(.
0010: 6B EA 24 BB 5C 3D EB D0 EB E3 86 2E D7 1C 0D 92 k.$.\=..........
0020: 36 A2 79 13 BC 74 40 C4 BF 7C F7 1B 05 8C 6B CF 6.y..t@.......k.
0030: EB 2C C2 0D E3 40 F7 F0 95 66 B6 85 AE 84 66 C9 .,...@...f....f.
0040: B7 C5 29 BE 71 1F 28 C0 83 1C 94 41 08 2A 44 45 ..).q.(....A.*DE
0050: 99 FD C5 77 28 26 FC 50 A3 69 32 BD F5 8B 0C A6 ...w(&.P.i2.....
0060: 13 21 0F BA B2 C6 A2 71 18 17 94 31 3B 7E 88 63 .!.....q...1;..c
0070: C0 01 76 DC 60 47 BB 3F 2F 7E 2A 73 84 DA 60 79 ..v.`G.?/.*s..`y
]
*** CertificateRequest
Cert Types: RSA
Cert Authorities:
<EMAILADDRESS=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
<EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
<EMAILADDRESS=personal-basic@thawte.com, CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<EMAILADDRESS=personal-premium@thawte.com, CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 4 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 4 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 3 Secure Server CA, OU=Terms of use at https://www.verisign.com/rpa (c)05, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US>
<CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net>
<CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US>
<CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net>
<CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN>
*** ServerHelloDone
matching alias: selfsigned
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 132473562370742919150140985227175013875110053845431438145351913928668686945002725183702560702247749924970161010103451411451345824467592557656888776558245848713650717773344294766986771753500118311618188922138349812131167438364266468003061810102502957510761089213138803410346480285664890149111581898928681089463
public exponent: 65537
Validity: [From: Fri May 25 13:54:00 IST 2012,
To: Sat May 25 13:54:00 IST 2013]
Issuer: CN=Pooja Joshi, OU=SGW, O=SUNGARD, L=PUNE, ST=MH, C=IN
SerialNumber: [ 4fbf41a0]
]
Algorithm: [MD5withRSA]
Signature:
0000: 46 D0 CC DF AB 5F 6F D3 37 33 E1 64 F7 1B F7 3F F...._o.73.d...?
0010: 98 95 06 09 F9 84 C8 3A 65 CF A7 24 BB 46 95 DF .......:e..$.F..
0020: 8B 30 F2 BC 5C F9 CC 31 E4 36 53 43 BB 50 1B EF .0..\..1.6SC.P..
0030: 8C 9B DB C0 41 C9 2C 37 AD B6 1D 30 BF 6E 75 E4 ....A.,7...0.nu.
0040: A9 05 E7 30 5A B1 30 84 6B 8E B7 7A 83 2D 33 01 ...0Z.0.k..z.-3.
0050: A1 44 86 A0 11 30 C3 4D 5B 68 7E 0B 09 48 03 CC .D...0.M[h...H..
0060: DF C5 97 AD 87 40 DC 2A 9A 3D ED FC 27 D3 8B 4F .....@.*.=..'..O
0070: F0 21 02 E8 62 6B 05 63 57 BB E8 4D 33 EA 35 9E .!..bk.cW..M3.5.
]
***
*** ClientKeyExchange, RSA PreMasterSecret, SSLv3
main, WRITE: SSLv3 Handshake, length = 711
SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 3D 04 C8 EF 08 83 A4 EF 85 1C D9 96 A0 77 ..=............w
0010: 32 2A A5 43 14 98 11 6F DD 01 52 73 4D DF B4 5A 2*.C...o..RsM..Z
0020: C5 2E FC 2A C0 F6 C2 9B 11 23 B2 C0 7B 59 E8 96 ...*.....#...Y..
CONNECTION KEYGEN:
Client Nonce:
0000: 4F C4 46 E2 8A C1 5F 71 56 FC FA 32 9A 79 49 08 O.F..._qV..2.yI.
0010: 5D 74 73 B8 B6 8E F0 CD 0F FA AC AB 6F 05 7A 34 ]ts.........o.z4
Server Nonce:
0000: 4F C4 46 E2 FA AD F8 5A F1 88 6B 77 63 5C 50 13 O.F....Z..kwc\P.
0010: DF DF 98 83 D8 73 F2 38 C6 87 9C 6F D2 EA DC 67 .....s.8...o...g
Master Secret:
0000: C0 20 A8 BC D1 A7 06 B0 C5 07 CA A7 83 C5 35 9E . ............5.
0010: 20 AB B6 28 8C 7E EF 14 CB 9D C1 ED C5 62 F8 A1 ..(.........b..
0020: 6A DE 9F AF 16 5B 2F 1D 21 8F A3 2C F7 B9 3D 36 j....[/.!..,..=6
Client MAC write Secret:
0000: 09 E8 CE 6C D1 2D 43 86 7E 74 1C 5F 68 DA E2 AE ...l.-C..t._h...
Server MAC write Secret:
0000: CE 62 DA F7 2C F2 2B 4A AD 47 8F 61 BD 58 51 BD .b..,.+J.G.a.XQ.
... no encryption keys used
... no IV used for this cipher
*** CertificateVerify
main, WRITE: SSLv3 Handshake, length = 134
main, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data: { 4, 127, 139, 212, 93, 181, 170, 62, 121, 196, 243, 156, 251, 103, 206, 222, 2, 10, 84, 35, 186, 251, 144, 6, 31, 97, 135, 179, 160, 127, 204, 93, 100, 140, 74, 79 }
***
main, WRITE: SSLv3 Handshake, length = 56
main, waiting for close_notify or alert: state 1
main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
MQJE001: An MQException occurred: Completion Code 2, Reason 2397
MQJE030: IOException during security flows
MQJE001: Completion Code 2, Reason 2397
com.ibm.mq.MQException: MQJE001: Completion Code 2, Reason 2397
at com.ibm.mq.MQManagedConnectionJ11.<init>(MQManagedConnectionJ11.java:219)
at com.ibm.mq.MQClientManagedConnectionFactoryJ11._createManagedConnection(MQClientManagedConnectionFactoryJ11.java:318)
at com.ibm.mq.MQClientManagedConnectionFactoryJ11.createManagedConnection(MQClientManagedConnectionFactoryJ11.java:338)
at com.ibm.mq.StoredManagedConnection.<init>(StoredManagedConnection.java:84)
at com.ibm.mq.MQSimpleConnectionManager.allocateConnection(MQSimpleConnectionManager.java:168)
at com.ibm.mq.MQQueueManagerFactory.obtainBaseMQQueueManager(MQQueueManagerFactory.java:772)
at com.ibm.mq.MQQueueManagerFactory.procure(MQQueueManagerFactory.java:697)
at com.ibm.mq.MQQueueManagerFactory.constructQueueManager(MQQueueManagerFactory.java:657)
at com.ibm.mq.MQQueueManagerFactory.createQueueManager(MQQueueManagerFactory.java:153)
at com.ibm.mq.MQQueueManager.<init>(MQQueueManager.java:451)
at com.test.SSlTest.main(SSlTest.java:68)
Caused by: java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:129)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:798)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1493)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:103)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:689)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:985)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:904)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:238)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
at com.ibm.mq.SSLHelper.configureSSLSocket(SSLHelper.java:567)
at com.ibm.mq.SSLHelper.createSSLSocket(SSLHelper.java:150)
at com.ibm.mq.MQInternalCommunications.createSocketConnection(MQInternalCommunications.java:2264)
at com.ibm.mq.MQv6InternalCommunications$1.run(MQv6InternalCommunications.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.ibm.mq.MQv6InternalCommunications.initialize(MQv6InternalCommunications.java:154)
at com.ibm.mq.MQv6InternalCommunications.<init>(MQv6InternalCommunications.java:102)
at com.ibm.mq.MQSESSIONClient.MQCONNX(MQSESSIONClient.java:1337)
at com.ibm.mq.MQSESSIONClient.MQCONN(MQSESSIONClient.java:1246)
at com.ibm.mq.MQManagedConnectionJ11.<init>(MQManagedConnectionJ11.java:184)
... 10 more
请帮帮我....
最佳答案
你的调试过程很完美!首次设置 SSL 时,始终首先在没有 SSL 的情况下进行测试(验证 channel 名称拼写、监听器端口等),然后使用匿名 SSL 检查(验证客户端是否可以验证 QMgr 的证书),最后使用相互验证的 SSL 检查.
在这种情况下,失败发生在最后一步。至此,我们知道 QMgr 可以读取它的 KDB,并且客户端可以读取它的信任库。此时可能出现的问题很少,主要问题是客户端找不到其私钥或 QMgr 无法验证客户端的 key 。
由于跟踪显示客户端能够访问其 key ,我们知道这不是问题所在。在大多数情况下,这表明 QMgr 方面存在问题。这种情况下有两个典型的问题。
由于您提供了堆栈跟踪并且 key 交换的所有其他方面看起来都很好,我将大胆猜测并说原因是上面的#2。如果是这样,那么它很容易修复。您可以使用 runmqsc 输入命令 REFRESH SECURITY TYPE(SSL)这会导致 QMgr 停止所有 SSL channel 并从其缓存中清除 KDB。通过右键单击 QMgr,可以在 WMQ Explorer 中找到等效的命令。或者只是反弹 QMgr,它完成同样的事情。这些方法中的任何一种都会导致 QMgr 重新加载 KDB,从而使其能够访问新证书。
更新:
抱歉,这不是问题所在。您能否重现故障并查看 QMgr 的错误日志?您应该会在 /var/mqm/qmgrs/<qmgrname>/errors/AMQERR01.LOG 的底部看到错误失败之后。
您还可以在客户端和 QMgr 上转储证书详细信息,以验证它们匹配并在 QMgr 的 kdb 中标记为受信任。您已经知道如何使用 keytool 执行此操作。根据您的 WMQ 服务器版本,您可以使用 gsk7capicmd或 gsk8capicmd或使用 WMQ v7.1 runmqakm .首先使用 -cert -list 转储 QMgr 的 KDB命令,然后使用 -cert -details 转储客户端的证书并将结果作为对您的问题的更新发布。
这些命令将为您提供有关所需参数的帮助。如果您想了解更多详细信息,请转到 https://t-rob.net/wmq/在页面的中间位置,您可以找到 GSKit 7 和 GSKit 8 手册的链接。 runmqakm命令是 GSKit 8 的包装器,因此如果 QMgr 正在运行 WMQ v7.1,请使用 GSKit 8 手册。
关于java - 使用 Java SSL 的 IBM MQ 错误代码 2397,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10793050/
25
4
0
我在网上搜索但没有找到任何合适的文章解释如何使用 javascript 使用 WCF 服务,尤其是 WebScriptEndpoint。 任何人都可以对此给出任何指导吗? 谢谢 最佳答案 这是一篇关于
我正在编写一个将运行 Linux 命令的 C 程序,例如: cat/etc/passwd | grep 列表 |剪切-c 1-5 我没有任何结果 *这里 parent 等待第一个 child (chi
所以我正在尝试处理文件上传,然后将该文件作为二进制文件存储到数据库中。在我存储它之后,我尝试在给定的 URL 上提供文件。我似乎找不到适合这里的方法。我需要使用数据库,因为我使用 Google 应用引
我正在尝试制作一个宏,将下面的公式添加到单元格中,然后将其拖到整个列中并在 H 列中复制相同的公式 我想在 F 和 H 列中输入公式的数据 Range("F1").formula = "=IF(ISE
问题类似于this one ,但我想使用 OperatorPrecedenceParser 解析带有函数应用程序的表达式在 FParsec . 这是我的 AST: type Expression =
我想通过使用 sequelize 和 node.js 将这个查询更改为代码取决于在哪里 select COUNT(gender) as genderCount from customers where
我正在使用GNU bash,版本5.0.3(1)-发行版(x86_64-pc-linux-gnu),我想知道为什么简单的赋值语句会出现语法错误: #/bin/bash var1=/tmp
这里,为什么我的代码在 IE 中不起作用。我的代码适用于所有浏览器。没有问题。但是当我在 IE 上运行我的项目时,它发现错误。 而且我的 jquery 类和 insertadjacentHTMl 也不
我正在尝试更改标签的innerHTML。我无权访问该表单,因此无法编辑 HTML。标签具有的唯一标识符是“for”属性。 这是输入和标签的结构:
我有一个页面,我可以在其中返回用户帖子,可以使用一些 jquery 代码对这些帖子进行即时评论,在发布新评论后,我在帖子下插入新评论以及删除 按钮。问题是 Delete 按钮在新插入的元素上不起作用,
我有一个大约有 20 列的“管道分隔”文件。我只想使用 sha1sum 散列第一列,它是一个数字,如帐号,并按原样返回其余列。 使用 awk 或 sed 执行此操作的最佳方法是什么? Accounti
我需要将以下内容插入到我的表中...我的用户表有五列 id、用户名、密码、名称、条目。 (我还没有提交任何东西到条目中,我稍后会使用 php 来做)但由于某种原因我不断收到这个错误:#1054 - U
所以我试图有一个输入字段,我可以在其中输入任何字符,但然后将输入的值小写,删除任何非字母数字字符,留下“。”而不是空格。 例如,如果我输入: 地球的 70% 是水,-!*#$^^ & 30% 土地 输
我正在尝试做一些我认为非常简单的事情,但出于某种原因我没有得到想要的结果?我是 javascript 的新手,但对 java 有经验,所以我相信我没有使用某种正确的规则。 这是一个获取输入值、检查选择
我想使用 angularjs 从 mysql 数据库加载数据。 这就是应用程序的工作原理;用户登录,他们的用户名存储在 cookie 中。该用户名显示在主页上 我想获取这个值并通过 angularjs
我正在使用 autoLayout,我想在 UITableViewCell 上放置一个 UIlabel,它应该始终位于单元格的右侧和右侧的中心。 这就是我想要实现的目标 所以在这里你可以看到我正在谈论的
我需要与 MySql 等效的 elasticsearch 查询。我的 sql 查询: SELECT DISTINCT t.product_id AS id FROM tbl_sup_price t
我正在实现代码以使用 JSON。 func setup() { if let flickrURL = NSURL(string: "https://api.flickr.com/
我尝试使用for循环声明变量,然后测试cols和rols是否相同。如果是,它将运行递归函数。但是,我在 javascript 中执行 do 时遇到问题。有人可以帮忙吗? 现在,在比较 col.1 和
我举了一个我正在处理的问题的简短示例。 HTML代码: 1 2 3 CSS 代码: .BB a:hover{ color: #000; } .BB > li:after {
我是一名优秀的程序员,十分优秀!