I am unable to connect from wM IS 7.1.2 to MQ Series 188.8.131.52 over SSL. I don’t think this is a factor, but interestingly, MQ SSL works fine in single node environment; but fails in multi-node environments (using Cisco load balancer as opposed to wM clustering). The error message coming back to the wM MQ Adapter is “[ADA.600.3033] Connection to Queue Manager MyQMgr could not be initialized; cc=2,rc=2009”.
I think we’ve identified that the issue is that wM is not presenting it’s cert during the SSL handshake.
After turning on SSL debugging at the JVM level, here’s something I see in wM nohup.out:
HTTP Handler 10.139.82.246, SEND SSLv3 ALERT: warning, description = no_certificate
And for the same connection attempt, here’s what the MQ Admin sees on the MQ side:
AMQ9637: Channel is lacking a certificate.
The channel is lacking a certificate to use for the SSL handshake. The channel name is ‘MY.CHANNEL’ (if ‘???’ it is unknown at this stage in the SSL processing). The channel did not start.
Make sure the appropriate certificates are correctly configured in the key repositories for both ends of the channel.
I think the issue is on the wM side as opposed to something being wrong in MQ because I am able to connect to that same target MQ server from another wM environment.
Per our MQ Admin, here’s how all channels are defined on the MQ side:
1 : DIS CHL(MY.CHANNEL)
AMQ8414: Display Channel details.
DESCR(Client chl for App HBINT(300)
RCVDATA( ) RCVEXIT( )
SCYDATA( ) SCYEXIT( )
SENDDATA( ) SENDEXIT( )