我在JRE 1.8(jdk1.8.0\U 101)上使用SSL从JBoss连接IBM MQ时遇到问题
我在下面一行评论java。安全但无任何变化:
jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
Caused by: com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'xxxxx' with connection mode 'Client' and host name 'xxxx'.Check the queue manager is started and if running in client mode, check there is a listener running. Please see the linked exception for more information.
at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:580)
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:216)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:431)
at com.ibm.msg.client.wmq.internal.WMQXAConnection.<init>(WMQXAConnection.java:70)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createV7ProviderConnection(WMQXAConnectionFactory.java:190)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:6157)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createProviderXAConnection(WMQXAConnectionFactory.java:102)
at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createXAConnectionInternal(JmsConnectionFactoryImpl.java:364)
at com.ibm.mq.jms.MQXAConnectionFactory.createXAConnection(MQXAConnectionFactory.java:124)
at com.ibm.mq.connector.ConnectionBuilder.createConnection(ConnectionBuilder.java:167)
... 22 more **Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2393' ('MQRC_SSL_INITIALIZATION_ERROR')**.
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:204)
... 30 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393;AMQ9204: Connection to host 'xxxxx' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2393],3=xxxxx(1428),5=RemoteTCPConnection.buildTLSV1_2SocketFactory]
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2098)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1347)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:350)
... 29 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.buildTLSV1_2SocketFactory(RemoteTCPConnection.java:2480)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.chooseSocketFactory(RemoteTCPConnection.java:2130)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.makeSocketSecure(RemoteTCPConnection.java:1945)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.connnectUsingLocalAddress(RemoteTCPConnection.java:855)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1262)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:714)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:356)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:265)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:144)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1709)
... 31 more **Caused by: java.security.NoSuchAlgorithmException: SSL_TLSv2 SSLContext not available**
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) [rt.jar:1.8.0_101]
at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156) [rt.jar:1.8.0_101]
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.buildTLSV1_2SocketFactory(RemoteTCPConnection.java:2461)
... 40 more
更新:在进行以下更改后,出现如下新错误:TLS\U RSA\U WITH\U AES\U 128\U CBC\U SHA256 JVM参数已添加:-Dcom。ibm。mq。cfg公司。useIBMCipherMappings=false
Caused by: com.ibm.msg.client.jms.DetailedIllegalStateException: JMSWMQ0018: Failed to connect to queue manager 'mqtap.uyg.uat11' with connection mode 'Client' and host name 'xxx'. Check the queue manager is started and if running in client mode, check there is a listener running. Please see the linked exception for more information.
at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:474)
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:216)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:431)
at com.ibm.msg.client.wmq.internal.WMQXAConnection.<init>(WMQXAConnection.java:70)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createV7ProviderConnection(WMQXAConnectionFactory.java:190)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:6157)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createProviderXAConnection(WMQXAConnectionFactory.java:102)
at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createXAConnectionInternal(JmsConnectionFactoryImpl.java:364)
at com.ibm.mq.jms.MQXAConnectionFactory.createXAConnection(MQXAConnectionFactory.java:124)
at com.ibm.mq.connector.ConnectionBuilder.createConnection(ConnectionBuilder.java:167)
... 22 more Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2059' ('MQRC_Q_MGR_NOT_AVAILABLE').
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:204)
... 30 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2059;AMQ9204: Connection to host 'xxx' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=xxx]],3=xxx,5=RemoteConnection.analyseErrorSegment]
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2098)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1347)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:350)
... 29 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=xxx]
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.analyseErrorSegment(RemoteConnection.java:3850)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.receiveTSH(RemoteConnection.java:2749)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.initSess(RemoteConnection.java:1024)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:717)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:356)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:265)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:144)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1709)
... 31 more
javax.net.debug=ssl的更新输出:
trustStore is: C:\dev\eclipse\workspace\XXX\src\main\application\config\XXX\keystore.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Issuer: CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Algorithm: RSA; Serial number: 0x5889a408
Valid from Thu Jan 26 10:23:52 EET 2017 until Sun Jan 24 10:23:52 EET 2027
adding as trusted cert:
Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Issuer: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Algorithm: RSA; Serial number: 0x588996d3
Valid from Thu Jan 26 09:27:31 EET 2017 until Sun Jan 24 09:27:31 EET 2027
adding as trusted cert:
Subject: CN=mqServermqtap.uyg.uat12, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Issuer: CN=mqServermqtap.uyg.uat12, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
Algorithm: RSA; Serial number: 0x5889994c
Valid from Thu Jan 26 09:38:04 EET 2017 until Sun Jan 24 09:38:04 EET 2027
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: falseAllow legacy hello messages: XXXueIs initial handshake: XXXueIs secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1573949056 bytes = { 248, 4, 131, 18, 179, 77, 58, 163, 213, 86, 162, 39, 153, 233, 66, 82, 68, 140, 162, 144, 245, 223, 148, 131, 41, 17, 182, 13 }
Session ID: {}
Cipher Suites: [TLS_RSA_WITH_AES_128_CBC_SHA256]
Compression Methods: { 0 }
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension server_name, server_name: [type=host_name (0), value=mqkont1.XXX.com.XXX]
Extension renegotiation_info, renegotiated_connection: <empty>
***
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 106
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Handshake, length = 1247
*** ServerHello, TLSv1.2
RandomCookie: GMT: 710208142 bytes = { 152, 40, 119, 253, 151, 47, 206, 243, 81, 108, 25, 227, 196, 180, 235, 231, 180, 213, 136, 245, 68, 79, 87, 78, 71, 82, 68, 1 }
Session ID: {233, 220, 107, 227, 28, 86, 6, 240, 170, 113, 171, 164, 93, 132, 7, 120, 51, 79, 103, 215, 78, 157, 179, 176, 103, 14, 128, 68, 104, 28, 158, 75}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Initialized: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA256]
** TLS_RSA_WITH_AES_128_CBC_SHA256
*** Certificate chain
chain [0] = [[ Version: V3 Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 16868959742511831543539228188322318728282173929458725924838613545208147879023122029920833782971719231363516671703224653599860963934312081835272320238812022534477095634694802627860269361713438182846321229058529392716608829685708314508449574441166109812419649123445875905638934406872091742574829759871314621197235350998579563031139677192512639546904745848670104988385994626620908449612658040233325854445643585926360496269974991459750688880211123355953429519072414353674373705386071983844550354941821794692371907044593903275788892906274112049209437573188855729556317970379842595602177784867998565702046085858658609856373 public exponent: 65537 Validity: [From: Thu Jan 26 09:27:31 EET 2017, To: Sun Jan 24 09:27:31 EET 2027] Issuer: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX SerialNumber: [ 588996d3]Certificate Extensions: 2[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7 .b..@^..
]][2]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7 .b..@^..
]]] Algorithm: [SHA256withRSA] Signature:0000: 27 23 9A F1 20 45 4E 98 2C A7 38 83 CE 99 7A 41 '#.. EN.,.8...zA
0010: 0A 3A 57 02 E9 0F DE 73 73 01 07 B0 D8 19 C7 E2 .:W....ss.......
0020: F2 2D 16 85 31 37 19 37 E4 2D B1 2C 4A F1 79 E4 .-..17.7.-.,J.y.
0030: 09 99 E0 3A 47 B3 E2 4F F4 EE 01 C3 D4 52 D4 94 ...:G..O.....R..
0040: 38 49 09 59 3E 63 C1 44 48 B1 1F E3 B3 16 69 38 8I.Y>c.DH.....i8
0050: E1 FA 5A 73 6F D1 F4 64 B3 0F 2E FD 49 72 87 F2 ..Zso..d....Ir..
0060: 7E 59 76 87 C2 97 1C 8A 69 ED 92 52 D6 A4 3A 88 .Yv.....i..R..:.
0070: 84 43 20 4B C7 4B C8 42 18 A0 E5 BF A6 C8 A7 32 .C K.K.B.......2
0080: F2 E4 AA A3 F0 08 1F DF F2 5E EE 1E 9F 84 4A CB .........^....J.
0090: 80 A8 9D 83 ED 6D 2A 5F A2 C1 9E FC 89 D1 08 C0 .....m*_........
00A0: 82 DA 4D D1 97 3B AB AB 1A 8B 35 D9 1C C0 DF B4 ..M..;....5.....
00B0: 67 E3 39 A4 C8 73 2C F0 2A 70 2B 14 F7 F1 9C E8 g.9..s,.*p+.....
00C0: 71 89 99 93 AB AE D6 4B A0 46 1A 13 54 4E 6B 3B q......K.F..TNk;
00D0: E9 CE 97 92 4D 64 25 0C D9 4F 3B A6 CC 78 36 C0 ....Md%..O;..x6.
00E0: AE 75 0F A9 C1 3D D8 B2 AF 5F 68 9F FB EB 31 2F .u...=..._h...1/
00F0: 41 16 83 04 7B F2 0D 8E 07 47 47 8F 55 F7 33 29 A........GG.U.3)
]
***
Found XXXusted certificate:
[[ Version: V3 Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 16868959742511831543539228188322318728282173929458725924838613545208147879023122029920833782971719231363516671703224653599860963934312081835272320238812022534477095634694802627860269361713438182846321229058529392716608829685708314508449574441166109812419649123445875905638934406872091742574829759871314621197235350998579563031139677192512639546904745848670104988385994626620908449612658040233325854445643585926360496269974991459750688880211123355953429519072414353674373705386071983844550354941821794692371907044593903275788892906274112049209437573188855729556317970379842595602177784867998565702046085858658609856373 public exponent: 65537 Validity: [From: Thu Jan 26 09:27:31 EET 2017, To: Sun Jan 24 09:27:31 EET 2027] Issuer: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX SerialNumber: [ 588996d3]Certificate Extensions: 2[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7 .b..@^..
]][2]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7 .b..@^..
]]] Algorithm: [SHA256withRSA] Signature:0000: 27 23 9A F1 20 45 4E 98 2C A7 38 83 CE 99 7A 41 '#.. EN.,.8...zA
0010: 0A 3A 57 02 E9 0F DE 73 73 01 07 B0 D8 19 C7 E2 .:W....ss.......
0020: F2 2D 16 85 31 37 19 37 E4 2D B1 2C 4A F1 79 E4 .-..17.7.-.,J.y.
0030: 09 99 E0 3A 47 B3 E2 4F F4 EE 01 C3 D4 52 D4 94 ...:G..O.....R..
0040: 38 49 09 59 3E 63 C1 44 48 B1 1F E3 B3 16 69 38 8I.Y>c.DH.....i8
0050: E1 FA 5A 73 6F D1 F4 64 B3 0F 2E FD 49 72 87 F2 ..Zso..d....Ir..
0060: 7E 59 76 87 C2 97 1C 8A 69 ED 92 52 D6 A4 3A 88 .Yv.....i..R..:.
0070: 84 43 20 4B C7 4B C8 42 18 A0 E5 BF A6 C8 A7 32 .C K.K.B.......2
0080: F2 E4 AA A3 F0 08 1F DF F2 5E EE 1E 9F 84 4A CB .........^....J.
0090: 80 A8 9D 83 ED 6D 2A 5F A2 C1 9E FC 89 D1 08 C0 .....m*_........
00A0: 82 DA 4D D1 97 3B AB AB 1A 8B 35 D9 1C C0 DF B4 ..M..;....5.....
00B0: 67 E3 39 A4 C8 73 2C F0 2A 70 2B 14 F7 F1 9C E8 g.9..s,.*p+.....
00C0: 71 89 99 93 AB AE D6 4B A0 46 1A 13 54 4E 6B 3B q......K.F..TNk;
00D0: E9 CE 97 92 4D 64 25 0C D9 4F 3B A6 CC 78 36 C0 ....Md%..O;..x6.
00E0: AE 75 0F A9 C1 3D D8 B2 AF 5F 68 9F FB EB 31 2F .u...=..._h...1/
00F0: 41 16 83 04 7B F2 0D 8E 07 47 47 8F 55 F7 33 29 A........GG.U.3)
]
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withRSA, SHA384withRSA, SHA256withRSA, Unknown (hash:0x3, signature:0x1), SHA1withRSA, SHA512withECDSA, SHA384withECDSA, SHA256withECDSA, Unknown (hash:0x3, signature:0x3), SHA1withECDSA, SHA1withDSA
Cert Authorities:
<CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX>
<CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX>
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1.2
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 269
SESSION KEYGEN:
PreMaster Secret:
0000: 03 03 B7 63 CA 3F 6F F4 A3 C8 68 5F 4E D4 84 9A ...c.?o...h_N...
0010: 17 03 40 12 66 C2 C3 D0 67 EE 64 54 50 5D AF ED ..@.f...g.dTP]..
0020: CD 8E 45 A9 6F CF 91 E1 60 6A 63 0D 9B CB AF D7 ..E.o...`jc.....
CONNECTION KEYGEN:
Client Nonce:
0000: 5E D1 8F 80 F8 04 83 12 B3 4D 3A A3 D5 56 A2 27 ^........M:..V.'
0010: 99 E9 42 52 44 8C A2 90 F5 DF 94 83 29 11 B6 0D ..BRD.......)...
Server Nonce:
0000: 2A 55 EB 8E 98 28 77 FD 97 2F CE F3 51 6C 19 E3 *U...(w../..Ql..
0010: C4 B4 EB E7 B4 D5 88 F5 44 4F 57 4E 47 52 44 01 ........DOWNGRD.
Master Secret:
0000: D9 0B 10 DB B5 9A 64 0C 56 2E 70 89 93 E4 52 6A ......d.V.p...Rj
0010: F7 C2 A9 9F 0D 6E 47 82 84 A0 6F D9 58 C0 E8 FF .....nG...o.X...
0020: E1 BB 6D 74 76 B0 D6 E5 83 FA 6F 89 D2 C1 BC 06 ..mtv.....o.....
Client MAC write Secret:
0000: 2E C0 A1 1A 6B 63 40 13 C9 2F 96 29 29 6B 46 3C ....kc@../.))kF<
0010: 61 48 69 06 66 9A 20 45 3C F4 63 BB 80 AE 95 84 aHi.f. E<.c.....
Server MAC write Secret:
0000: 64 5D 2F F0 C3 76 E7 53 61 0A D6 9A 23 80 7E 29 d]/..v.Sa...#..)
0010: C9 15 CC 4A 1A 6A 0C F8 5D A6 2F C3 CE F8 04 88 ...J.j..]./.....
Client write key:
0000: A1 3C 3A F9 81 3E 4A F4 D5 30 EB 7C FB 10 AF 1B .<:..>J..0......
Server write key:
0000: 0F 0C 65 F8 C5 6B C1 8B C4 51 36 35 2E 9F ED D6 ..e..k...Q65....
... no IV derived for this protocol
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 101, 32, 15, 187, 98, 153, 21, 159, 88, 122, 119, 59 }
***
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 80
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Change Cipher Spec, length = 1
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Handshake, length = 80
*** Finished
verify_data: { 80, 170, 1, 54, 80, 55, 237, 31, 125, 189, 221, 180 }
***
%% Cached client session: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA256]
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Application Data, length = 288
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, setSoTimeout(5000) called
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Application Data, length = 96
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, setSoTimeout(0) called
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called close()
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called closeInternal(XXXue)
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, SEND TLSv1.2 ALERT: warning, description = close_notify
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Alert, length = 64
jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called closeSocket(XXXue)
01:41:04,148 WARN [org.jboss.jca.core.connectionmanager.pool.sXXXategy.OnePool
得到IBMMQ Client jar后,我成功地从Oracle JRE连接到IBMMQhttps://mvnrepository.com/artifact/com.ibm.mq/wmq.jmsra/9.1.5.0
您在发送方运行的是非常旧的软件版本,MQ 7.1在三年前(2017年4月30日)失去了支持。据我所知,IBM将以一定的成本提供额外三年的扩展支持,因此,这条支持途径似乎已经结束。7.1.0.7维护版本本身于2015年11月15日发布,因此目前已超过4.5年。我强烈建议你换个新版本。
请注意,MQ v8.0于2020年4月30日停止支持,IBM宣布MQ v9.0于2021年9月30日停止支持。当您进行迁移时,您应该使用9.1,它没有宣布支持结束(他们给出了至少五年的时间,所以可能是2023年),或者使用应该在今年晚些时候推出的下一个版本的MQ。
您在问题和评论中详细介绍了两个问题。
>
com.ibm.mq.cfg.useIBMCipherMappings=false
TLS_RSA_WITH_AES_128_CBC_SHA256
纠正上述错误后,您开始出现新的错误。根据您所做的故障排除和ssl调试日志,我注意到您所使用的MQ版本不包括APAR IT10837:WEBSPINE MQ CHANNEL START使用在ORACLE JRE中运行的TLS 1.2 CIPher时,AMQ9637会失败
PROBLEM DESCRIPTION:
The Oracle JVM did not create a default internal key manager
object for TLS socket connections, meaning that the client's
signed personal certificates were not available for client
authentication during the handshake, causing the connection
attempt to fail.
Problem conclusion
An internal key manager object is now created for Oracle TLS
connections, so the client's signed personal certificates are
available during the handshake and the connection attempt
succeeds.
---------------------------------------------------------------
The fix is targeted for delivery in the following PTFs:
Version Maintenance Level
v7.1 7.1.0.8
v7.5 7.5.0.7
v8.0 8.0.0.5
因此,MQ找不到您的密钥库和信任库。
建议的解决方案是升级到受支持的IBM MQ版本。您可以使用Maven从以下链接获取当前的IBM MQ v9.1.0.5 LTS支持客户端:
MVN仓库”com.ibm.mqcom.ibm.mq.allclient
所以,假设您想使用公钥验证签名,该公钥使用ECDSA算法和brainpoolP256r1椭圆曲线。 要运行以下代码,请执行以下步骤: 使用以下命令生成脑池密钥对: 在java 8上运行此代码将导致: 使用java 11,控制台将打印“true”。 那是为什么呢?
我已经创建了谷歌应用程序引擎项目,使用预测Api 1.5v。当我在本地均值localhost:8888使用谷歌o2Auth身份验证与客户端ID和客户端运行时,它对我来说工作正常secret.but当我实时运行它时,它会给出一个错误 Java语言安全AccessControlException:访问被拒绝(“java.io.FilePermission”“/base/data/home/apps/s
这是个例外 这是我的密码
我有java 1.4版本的代码,我们有一个新的要求,比如从另一个webservice响应中解密密码,因此必须使用AES 256解密,得到以下异常: 我试图将jce\U policy\u 1-4版本JAR复制到java home security文件夹中,但仍遇到上述异常 Java 1.4中是否有不更改为1.5的解决方案,因为运行jboss server 3.2.3版将不支持Java 1.5。
问题内容: 当前(Java 6)中是否有您可以用Java字节码执行的,您无法在Java语言中执行的操作? 我知道两者都已经完成了图灵,所以将“可以做”理解为“可以更快/更好地做事,或者只是以不同的方式做”。 我正在考虑无法使用Java生成额外的字节码,例如,除非特定的字节码用于将来的版本。 问题答案: 据我所知,Java 6支持的字节码中没有任何主要功能,这些功能也无法从Java源代码访问。这样做
本文向大家介绍sitecore 安全断言,包括了sitecore 安全断言的使用技巧和注意事项,需要的朋友参考一下 示例 CanRunApplication 检查用户是否有权运行给定的应用程序。如果没有,AccessDeniedException则抛出。 HasAccess HasAccess将检查给定参数是否为true,否则AccessDeniedException将抛出。