登录
当前位置: 首页 > 知识库问答 >
问题:

Java语言安全NoSuchAlgorithmException:SSL\U TLSv2 SSLContext不可用

谭嘉歆
2023-03-14

我在JRE 1.8(jdk1.8.0\U 101)上使用SSL从JBoss连接IBM MQ时遇到问题

我在下面一行评论java。安全但无任何变化:

jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 

Caused by: com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'xxxxx' with connection mode 'Client' and host name 'xxxx'.Check the queue manager is started and if running in client mode, check there is a listener running. Please see the linked exception for more information.
at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:580)
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:216)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:431)
at com.ibm.msg.client.wmq.internal.WMQXAConnection.<init>(WMQXAConnection.java:70)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createV7ProviderConnection(WMQXAConnectionFactory.java:190)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:6157)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createProviderXAConnection(WMQXAConnectionFactory.java:102)
at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createXAConnectionInternal(JmsConnectionFactoryImpl.java:364)
at com.ibm.mq.jms.MQXAConnectionFactory.createXAConnection(MQXAConnectionFactory.java:124)
at com.ibm.mq.connector.ConnectionBuilder.createConnection(ConnectionBuilder.java:167)
... 22 more **Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2393' ('MQRC_SSL_INITIALIZATION_ERROR')**.
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:204)
... 30 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393;AMQ9204: Connection to host 'xxxxx' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2393],3=xxxxx(1428),5=RemoteTCPConnection.buildTLSV1_2SocketFactory]
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2098)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1347)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:350)
... 29 more  Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2393
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.buildTLSV1_2SocketFactory(RemoteTCPConnection.java:2480)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.chooseSocketFactory(RemoteTCPConnection.java:2130)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.makeSocketSecure(RemoteTCPConnection.java:1945)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.connnectUsingLocalAddress(RemoteTCPConnection.java:855)
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(RemoteTCPConnection.java:1262)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:714)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:356)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:265)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:144)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1709)
... 31 more **Caused by: java.security.NoSuchAlgorithmException: SSL_TLSv2 SSLContext not available**
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) [rt.jar:1.8.0_101]
at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156) [rt.jar:1.8.0_101]
at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.buildTLSV1_2SocketFactory(RemoteTCPConnection.java:2461)
... 40 more

更新:在进行以下更改后,出现如下新错误:TLS\U RSA\U WITH\U AES\U 128\U CBC\U SHA256 JVM参数已添加:-Dcom。ibm。mq。cfg公司。useIBMCipherMappings=false

Caused by: com.ibm.msg.client.jms.DetailedIllegalStateException: JMSWMQ0018: Failed to connect to queue manager 'mqtap.uyg.uat11' with connection mode 'Client' and host name 'xxx'. Check the queue manager is started and if running in client mode, check there is a listener running. Please see the linked exception for more information.
at com.ibm.msg.client.wmq.common.internal.Reason.reasonToException(Reason.java:474)
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:216)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:431)
at com.ibm.msg.client.wmq.internal.WMQXAConnection.<init>(WMQXAConnection.java:70)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createV7ProviderConnection(WMQXAConnectionFactory.java:190)
at com.ibm.msg.client.wmq.factories.WMQConnectionFactory.createProviderConnection(WMQConnectionFactory.java:6157)
at com.ibm.msg.client.wmq.factories.WMQXAConnectionFactory.createProviderXAConnection(WMQXAConnectionFactory.java:102)
at com.ibm.msg.client.jms.admin.JmsConnectionFactoryImpl.createXAConnectionInternal(JmsConnectionFactoryImpl.java:364)
at com.ibm.mq.jms.MQXAConnectionFactory.createXAConnection(MQXAConnectionFactory.java:124)
at com.ibm.mq.connector.ConnectionBuilder.createConnection(ConnectionBuilder.java:167)
... 22 more Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2059' ('MQRC_Q_MGR_NOT_AVAILABLE').
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:204)
... 30 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2059;AMQ9204: Connection to host 'xxx' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=xxx]],3=xxx,5=RemoteConnection.analyseErrorSegment]
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:2098)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1347)
at com.ibm.msg.client.wmq.internal.WMQConnection.<init>(WMQConnection.java:350)
... 29 more Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2059;AMQ9503: Channel negotiation failed. [3=xxx]
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.analyseErrorSegment(RemoteConnection.java:3850)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.receiveTSH(RemoteConnection.java:2749)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.initSess(RemoteConnection.java:1024)
at com.ibm.mq.jmqi.remote.impl.RemoteConnection.connect(RemoteConnection.java:717)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSessionFromNewConnection(RemoteConnectionSpecification.java:356)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionSpecification.getSession(RemoteConnectionSpecification.java:265)
at com.ibm.mq.jmqi.remote.impl.RemoteConnectionPool.getSession(RemoteConnectionPool.java:144)
at com.ibm.mq.jmqi.remote.api.RemoteFAP.jmqiConnect(RemoteFAP.java:1709)
... 31 more

javax.net.debug=ssl的更新输出:

trustStore is: C:\dev\eclipse\workspace\XXX\src\main\application\config\XXX\keystore.jks
trustStore type is : jks
trustStore provider is : 
init truststore    

adding as trusted cert:
  Subject: CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Issuer:  CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Algorithm: RSA; Serial number: 0x5889a408
  Valid from Thu Jan 26 10:23:52 EET 2017 until Sun Jan 24 10:23:52 EET 2027

adding as trusted cert:
  Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Issuer:  CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Algorithm: RSA; Serial number: 0x588996d3
  Valid from Thu Jan 26 09:27:31 EET 2017 until Sun Jan 24 09:27:31 EET 2027

adding as trusted cert:
  Subject: CN=mqServermqtap.uyg.uat12, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Issuer:  CN=mqServermqtap.uyg.uat12, OU=XXX BT, O=XXX TAS, L=XXX, C=TR
  Algorithm: RSA; Serial number: 0x5889994c
  Valid from Thu Jan 26 09:38:04 EET 2017 until Sun Jan 24 09:38:04 EET 2027

trigger seeding of SecureRandom
done seeding SecureRandom

Allow unsafe renegotiation: falseAllow legacy hello messages: XXXueIs initial handshake: XXXueIs secure renegotiation: false
    %% No cached client session
    *** ClientHello, TLSv1.2
    RandomCookie:  GMT: 1573949056 bytes = { 248, 4, 131, 18, 179, 77, 58, 163, 213, 86, 162, 39, 153, 233, 66, 82, 68, 140, 162, 144, 245, 223, 148, 131, 41, 17, 182, 13 }
    Session ID:  {}
    Cipher Suites: [TLS_RSA_WITH_AES_128_CBC_SHA256]
    Compression Methods:  { 0 }
    Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
    Extension server_name, server_name: [type=host_name (0), value=mqkont1.XXX.com.XXX]
    Extension renegotiation_info, renegotiated_connection: <empty>
    ***
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 106
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Handshake, length = 1247
    *** ServerHello, TLSv1.2
    RandomCookie:  GMT: 710208142 bytes = { 152, 40, 119, 253, 151, 47, 206, 243, 81, 108, 25, 227, 196, 180, 235, 231, 180, 213, 136, 245, 68, 79, 87, 78, 71, 82, 68, 1 }
    Session ID:  {233, 220, 107, 227, 28, 86, 6, 240, 170, 113, 171, 164, 93, 132, 7, 120, 51, 79, 103, 215, 78, 157, 179, 176, 103, 14, 128, 68, 104, 28, 158, 75}
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256
    Compression Method: 0
    Extension renegotiation_info, renegotiated_connection: <empty>
    ***
    %% Initialized:  [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA256]
    ** TLS_RSA_WITH_AES_128_CBC_SHA256
    *** Certificate chain
    chain [0] = [[  Version: V3  Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11  Key:  Sun RSA public key, 2048 bits  modulus: 16868959742511831543539228188322318728282173929458725924838613545208147879023122029920833782971719231363516671703224653599860963934312081835272320238812022534477095634694802627860269361713438182846321229058529392716608829685708314508449574441166109812419649123445875905638934406872091742574829759871314621197235350998579563031139677192512639546904745848670104988385994626620908449612658040233325854445643585926360496269974991459750688880211123355953429519072414353674373705386071983844550354941821794692371907044593903275788892906274112049209437573188855729556317970379842595602177784867998565702046085858658609856373  public exponent: 65537  Validity: [From: Thu Jan 26 09:27:31 EET 2017,               To: Sun Jan 24 09:27:31 EET 2027]  Issuer: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX  SerialNumber: [    588996d3]Certificate Extensions: 2[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7                            .b..@^..
    ]][2]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7                            .b..@^..
    ]]]  Algorithm: [SHA256withRSA]  Signature:0000: 27 23 9A F1 20 45 4E 98   2C A7 38 83 CE 99 7A 41  '#.. EN.,.8...zA
    0010: 0A 3A 57 02 E9 0F DE 73   73 01 07 B0 D8 19 C7 E2  .:W....ss.......
    0020: F2 2D 16 85 31 37 19 37   E4 2D B1 2C 4A F1 79 E4  .-..17.7.-.,J.y.
    0030: 09 99 E0 3A 47 B3 E2 4F   F4 EE 01 C3 D4 52 D4 94  ...:G..O.....R..
    0040: 38 49 09 59 3E 63 C1 44   48 B1 1F E3 B3 16 69 38  8I.Y>c.DH.....i8
    0050: E1 FA 5A 73 6F D1 F4 64   B3 0F 2E FD 49 72 87 F2  ..Zso..d....Ir..
    0060: 7E 59 76 87 C2 97 1C 8A   69 ED 92 52 D6 A4 3A 88  .Yv.....i..R..:.
    0070: 84 43 20 4B C7 4B C8 42   18 A0 E5 BF A6 C8 A7 32  .C K.K.B.......2
    0080: F2 E4 AA A3 F0 08 1F DF   F2 5E EE 1E 9F 84 4A CB  .........^....J.
    0090: 80 A8 9D 83 ED 6D 2A 5F   A2 C1 9E FC 89 D1 08 C0  .....m*_........
    00A0: 82 DA 4D D1 97 3B AB AB   1A 8B 35 D9 1C C0 DF B4  ..M..;....5.....
    00B0: 67 E3 39 A4 C8 73 2C F0   2A 70 2B 14 F7 F1 9C E8  g.9..s,.*p+.....
    00C0: 71 89 99 93 AB AE D6 4B   A0 46 1A 13 54 4E 6B 3B  q......K.F..TNk;
    00D0: E9 CE 97 92 4D 64 25 0C   D9 4F 3B A6 CC 78 36 C0  ....Md%..O;..x6.
    00E0: AE 75 0F A9 C1 3D D8 B2   AF 5F 68 9F FB EB 31 2F  .u...=..._h...1/
    00F0: 41 16 83 04 7B F2 0D 8E   07 47 47 8F 55 F7 33 29  A........GG.U.3)
    ]
    ***
    Found XXXusted certificate:
    [[  Version: V3  Subject: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11  Key:  Sun RSA public key, 2048 bits  modulus: 16868959742511831543539228188322318728282173929458725924838613545208147879023122029920833782971719231363516671703224653599860963934312081835272320238812022534477095634694802627860269361713438182846321229058529392716608829685708314508449574441166109812419649123445875905638934406872091742574829759871314621197235350998579563031139677192512639546904745848670104988385994626620908449612658040233325854445643585926360496269974991459750688880211123355953429519072414353674373705386071983844550354941821794692371907044593903275788892906274112049209437573188855729556317970379842595602177784867998565702046085858658609856373  public exponent: 65537  Validity: [From: Thu Jan 26 09:27:31 EET 2017,               To: Sun Jan 24 09:27:31 EET 2027]  Issuer: CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX  SerialNumber: [    588996d3]Certificate Extensions: 2[1]: ObjectId: 2.5.29.35 Criticality=falseAuthorityKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7                            .b..@^..
    ]][2]: ObjectId: 2.5.29.14 Criticality=falseSubjectKeyIdentifier [KeyIdentifier [0000: 04 62 9C B2 40 5E E0 C7                            .b..@^..
    ]]]  Algorithm: [SHA256withRSA]  Signature:0000: 27 23 9A F1 20 45 4E 98   2C A7 38 83 CE 99 7A 41  '#.. EN.,.8...zA
    0010: 0A 3A 57 02 E9 0F DE 73   73 01 07 B0 D8 19 C7 E2  .:W....ss.......
    0020: F2 2D 16 85 31 37 19 37   E4 2D B1 2C 4A F1 79 E4  .-..17.7.-.,J.y.
    0030: 09 99 E0 3A 47 B3 E2 4F   F4 EE 01 C3 D4 52 D4 94  ...:G..O.....R..
    0040: 38 49 09 59 3E 63 C1 44   48 B1 1F E3 B3 16 69 38  8I.Y>c.DH.....i8
    0050: E1 FA 5A 73 6F D1 F4 64   B3 0F 2E FD 49 72 87 F2  ..Zso..d....Ir..
    0060: 7E 59 76 87 C2 97 1C 8A   69 ED 92 52 D6 A4 3A 88  .Yv.....i..R..:.
    0070: 84 43 20 4B C7 4B C8 42   18 A0 E5 BF A6 C8 A7 32  .C K.K.B.......2
    0080: F2 E4 AA A3 F0 08 1F DF   F2 5E EE 1E 9F 84 4A CB  .........^....J.
    0090: 80 A8 9D 83 ED 6D 2A 5F   A2 C1 9E FC 89 D1 08 C0  .....m*_........
    00A0: 82 DA 4D D1 97 3B AB AB   1A 8B 35 D9 1C C0 DF B4  ..M..;....5.....
    00B0: 67 E3 39 A4 C8 73 2C F0   2A 70 2B 14 F7 F1 9C E8  g.9..s,.*p+.....
    00C0: 71 89 99 93 AB AE D6 4B   A0 46 1A 13 54 4E 6B 3B  q......K.F..TNk;
    00D0: E9 CE 97 92 4D 64 25 0C   D9 4F 3B A6 CC 78 36 C0  ....Md%..O;..x6.
    00E0: AE 75 0F A9 C1 3D D8 B2   AF 5F 68 9F FB EB 31 2F  .u...=..._h...1/
    00F0: 41 16 83 04 7B F2 0D 8E   07 47 47 8F 55 F7 33 29  A........GG.U.3)
    ]
    *** CertificateRequest
    Cert Types: RSA, DSS, ECDSA
    Supported Signature Algorithms: SHA512withRSA, SHA384withRSA, SHA256withRSA, Unknown (hash:0x3, signature:0x1), SHA1withRSA, SHA512withECDSA, SHA384withECDSA, SHA256withECDSA, Unknown (hash:0x3, signature:0x3), SHA1withECDSA, SHA1withDSA
    Cert Authorities:
    <CN=mqClientmqtap.uyg.uat, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX>
    <CN=mqServermqtap.uyg.uat11, OU=XXX BT, O=XXX TAS, L=XXX, C=XXX>
    *** ServerHelloDone
    Warning: no suitable certificate found - continuing without client authentication
    *** Certificate chain
    <Empty>
    ***
    *** ClientKeyExchange, RSA PreMasterSecret, TLSv1.2
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 269
    SESSION KEYGEN:
    PreMaster Secret:
    0000: 03 03 B7 63 CA 3F 6F F4   A3 C8 68 5F 4E D4 84 9A  ...c.?o...h_N...
    0010: 17 03 40 12 66 C2 C3 D0   67 EE 64 54 50 5D AF ED  ..@.f...g.dTP]..
    0020: CD 8E 45 A9 6F CF 91 E1   60 6A 63 0D 9B CB AF D7  ..E.o...`jc.....
    CONNECTION KEYGEN:
    Client Nonce:
    0000: 5E D1 8F 80 F8 04 83 12   B3 4D 3A A3 D5 56 A2 27  ^........M:..V.'
    0010: 99 E9 42 52 44 8C A2 90   F5 DF 94 83 29 11 B6 0D  ..BRD.......)...
    Server Nonce:
    0000: 2A 55 EB 8E 98 28 77 FD   97 2F CE F3 51 6C 19 E3  *U...(w../..Ql..
    0010: C4 B4 EB E7 B4 D5 88 F5   44 4F 57 4E 47 52 44 01  ........DOWNGRD.
    Master Secret:
    0000: D9 0B 10 DB B5 9A 64 0C   56 2E 70 89 93 E4 52 6A  ......d.V.p...Rj
    0010: F7 C2 A9 9F 0D 6E 47 82   84 A0 6F D9 58 C0 E8 FF  .....nG...o.X...
    0020: E1 BB 6D 74 76 B0 D6 E5   83 FA 6F 89 D2 C1 BC 06  ..mtv.....o.....
    Client MAC write Secret:
    0000: 2E C0 A1 1A 6B 63 40 13   C9 2F 96 29 29 6B 46 3C  ....kc@../.))kF<
    0010: 61 48 69 06 66 9A 20 45   3C F4 63 BB 80 AE 95 84  aHi.f. E<.c.....
    Server MAC write Secret:
    0000: 64 5D 2F F0 C3 76 E7 53   61 0A D6 9A 23 80 7E 29  d]/..v.Sa...#..)
    0010: C9 15 CC 4A 1A 6A 0C F8   5D A6 2F C3 CE F8 04 88  ...J.j..]./.....
    Client write key:
    0000: A1 3C 3A F9 81 3E 4A F4   D5 30 EB 7C FB 10 AF 1B  .<:..>J..0......
    Server write key:
    0000: 0F 0C 65 F8 C5 6B C1 8B   C4 51 36 35 2E 9F ED D6  ..e..k...Q65....
    ... no IV derived for this protocol
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Change Cipher Spec, length = 1
    *** Finished
    verify_data:  { 101, 32, 15, 187, 98, 153, 21, 159, 88, 122, 119, 59 }
    ***
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Handshake, length = 80
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Change Cipher Spec, length = 1
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Handshake, length = 80
    *** Finished
    verify_data:  { 80, 170, 1, 54, 80, 55, 237, 31, 125, 189, 221, 180 }
    ***
    %% Cached client session: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA256]
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Application Data, length = 288
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, setSoTimeout(5000) called
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, READ: TLSv1.2 Application Data, length = 96
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, setSoTimeout(0) called
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called close()
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called closeInternal(XXXue)
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, SEND TLSv1.2 ALERT:  warning, description = close_notify
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, WRITE: TLSv1.2 Alert, length = 64
    jmsContainerBean_DEVOPS_DEVOPS_CONSUME_MESSAGE-1, called closeSocket(XXXue)
    01:41:04,148 WARN  [org.jboss.jca.core.connectionmanager.pool.sXXXategy.OnePool

共有2个答案

李光华
2023-03-14

得到IBMMQ Client jar后,我成功地从Oracle JRE连接到IBMMQhttps://mvnrepository.com/artifact/com.ibm.mq/wmq.jmsra/9.1.5.0

钮才哲
2023-03-14

您在发送方运行的是非常旧的软件版本,MQ 7.1在三年前(2017年4月30日)失去了支持。据我所知,IBM将以一定的成本提供额外三年的扩展支持,因此,这条支持途径似乎已经结束。7.1.0.7维护版本本身于2015年11月15日发布,因此目前已超过4.5年。我强烈建议你换个新版本。

请注意,MQ v8.0于2020年4月30日停止支持,IBM宣布MQ v9.0于2021年9月30日停止支持。当您进行迁移时,您应该使用9.1,它没有宣布支持结束(他们给出了至少五年的时间,所以可能是2023年),或者使用应该在今年晚些时候推出的下一个版本的MQ。

您在问题和评论中详细介绍了两个问题。

>

  • 添加java系统属性com.ibm.mq.cfg.useIBMCipherMappings=false
  • 将密码套件指定为TLS_RSA_WITH_AES_128_CBC_SHA256

纠正上述错误后,您开始出现新的错误。根据您所做的故障排除和ssl调试日志,我注意到您所使用的MQ版本不包括APAR IT10837:WEBSPINE MQ CHANNEL START使用在ORACLE JRE中运行的TLS 1.2 CIPher时,AMQ9637会失败

PROBLEM DESCRIPTION:

The Oracle JVM did not create a default internal key manager
object for TLS socket connections, meaning that the client's
signed personal certificates were not available for client
authentication during the handshake, causing the connection
attempt to fail.

Problem conclusion

An internal key manager object is now created for Oracle TLS
connections, so the client's signed personal certificates are
available during the handshake and the connection attempt
succeeds.

---------------------------------------------------------------
The fix is targeted for delivery in the following PTFs:

Version    Maintenance Level
v7.1       7.1.0.8
v7.5       7.5.0.7
v8.0       8.0.0.5

因此,MQ找不到您的密钥库和信任库。

建议的解决方案是升级到受支持的IBM MQ版本。您可以使用Maven从以下链接获取当前的IBM MQ v9.1.0.5 LTS支持客户端

MVN仓库”com.ibm.mqcom.ibm.mq.allclient

 类似资料:
  • Java语言安全Java 8上的InvalidAlgorithmParameterException可用于Java 11

    所以,假设您想使用公钥验证签名,该公钥使用ECDSA算法和brainpoolP256r1椭圆曲线。 要运行以下代码,请执行以下步骤: 使用以下命令生成脑池密钥对: 在java 8上运行此代码将导致: 使用java 11,控制台将打印“true”。 那是为什么呢?

  • Java语言安全AccessControlException:访问被拒绝

    我已经创建了谷歌应用程序引擎项目,使用预测Api 1.5v。当我在本地均值localhost:8888使用谷歌o2Auth身份验证与客户端ID和客户端运行时,它对我来说工作正常secret.but当我实时运行它时,它会给出一个错误 Java语言安全AccessControlException:访问被拒绝(“java.io.FilePermission”“/base/data/home/apps/s

  • JAVA安全NoSuchAlgorithmException:RSA签名不可用

    这是个例外 这是我的密码

  • JAVA安全NoSuchAlgorithmException:算法PBKDF2WithHmacSHA1不可用

    我有java 1.4版本的代码,我们有一个新的要求,比如从另一个webservice响应中解密密码,因此必须使用AES 256解密,得到以下异常: 我试图将jce\U policy\u 1-4版本JAR复制到java home security文件夹中,但仍遇到上述异常 Java 1.4中是否有不更改为1.5的解决方案,因为运行jboss server 3.2.3版将不支持Java 1.5。

  • 字节码功能在Java语言中不可用

    问题内容: 当前(Java 6)中是否有您可以用Java字节码执行的,您无法在Java语言中执行的操作? 我知道两者都已经完成了图灵,所以将“可以做”理解为“可以更快/更好地做事,或者只是以不同的方式做”。 我正在考虑无法使用Java生成额外的字节码,例如,除非特定的字节码用于将来的版本。 问题答案: 据我所知,Java 6支持的字节码中没有任何主要功能,这些功能也无法从Java源代码访问。这样做

  • sitecore 安全断言

    本文向大家介绍sitecore 安全断言,包括了sitecore 安全断言的使用技巧和注意事项,需要的朋友参考一下 示例 CanRunApplication 检查用户是否有权运行给定的应用程序。如果没有,AccessDeniedException则抛出。 HasAccess HasAccess将检查给定参数是否为true,否则AccessDeniedException将抛出。          

相关问答

Thymeleaf安全方言-hasPermission()Thymeleaf附加安全不适用于Spring安全ANTLR4-带有不可区分标记的语言Java语言lang.UnsupportedOperationException Android Studio如何安全地创建不安全的?

相关文章

是否可以使用Java过滤不良语言的单词?Java 8不安全:xxxFence()指令Go语言中使用 buffered channel 实现线程安全的 poolJava 编译语言与口译语言bootstrap-datepicker全局设置语言

相关阅读

在Windows上安装Go语言开发包亚信安全 | Java一面 | 25min亚信安全(Java开发)-10.20京东 Java开发(安全部)Java国际化(i18n)显示语言

相关工具

神语言Shen语言Tea语言太极语言"明"编程语言

相关文档

Java 语言快速入门安卓应用安全指南认知语言学 - 语言学系列丛书语言本能:人类语言进化的奥秘Go 语言圣经
快捷导航: 新手教程 算法原理 架构设计 Java进阶 数据库进阶 大厂专栏 面试经验 编程笔记 编程问答 所有专题 文档资料 工具软件 电子书籍 小牛导航
在线工具: 房贷计算器 个税计算器 Linux命令查询 Json格式化 正则表达式 颜色转换 AES加解密 SHA1加密 MD5加密 毒鸡汤 字数统计 随机密码生成 进制转换 Base64编解码 励志句子
Copyright © 2019-2024 小牛知识库@xnip.cn. All Rights Reserved.