Topic
2 replies Latest Post - ‏2012-04-24T18:43:23Z by SystemAdmin
SystemAdmin
SystemAdmin
126 Posts
ACCEPTED ANSWER

Pinned topic Q Program, Working with SSL, Windows XP

‏2012-04-23T20:00:56Z |
Hello,
I want to connect to QM using clients channel and SSL sertificate. I try the following command and get an error:

C:\WINDOWS>q -lmqic32 -mQM1 -iQ1 -xc
MQSeries Q Program by Paul Clarke V5.0.0 Build:Jul 15 2008
Enter Channel Name
MY
Enter Channel Type (NULL for CLNTCONN)
Enter Transport Type (NULL for TCP)
Enter connection name (NULL for localhost)
localhost(11111)
Do you want exits ?
n
Do you want SSL ?
y
Enter Cipher Spec NULL for RC4_SHA_US
NULL_MD5
Enter Key Repository (NULL for c:\mqm\key)
Enter CryptoHardware
Enter Authinfo Conn Name
Connecting ...failed.
MQCONNX on object 'QM1' returned 2538 Host Not Available.

But when I use the following command, everything works fine:
C:\WINDOWS>q -mQM1 -iQ1 -xc
MQSeries Q Program by Paul Clarke V5.0.0 Build:Jul 15 2008
Enter Channel Name
MY
Enter Channel Type (NULL for CLNTCONN)
Enter Transport Type (NULL for TCP)
Enter connection name (NULL for localhost)
localhost(11111)
Do you want exits ?
n
Do you want SSL ?
y
Enter Cipher Spec NULL for RC4_SHA_US
NULL_MD5
Enter Key Repository (NULL for c:\mqm\key)
Enter CryptoHardware
Enter Authinfo Conn Name
Connecting ...connected to 'QM1'.
111
No more messages.

Seems, the reason of the problem library mqic32.. Why I cannot connect using this library and SSL to QM? In error log I have records:

2012-04-18 13:48:10 - Process(3136.21) User(MUSR_MQADMIN) Program(amqrmppa.exe)
Host(VMWARE-WXP)
AMQ9660: SSL key repository: password stash file absent or unusable.

EXPLANATION:
The SSL key repository cannot be used because MQ cannot obtain a password to
access it. Reasons giving rise to this error include:
(a) the key database file and password stash file are not present in the
location configured for the key repository,
(b) the key database file exists in the correct place but that no password
stash file has been created for it,
(c) the files are present in the correct place but the userid under which MQ is
running does not have permission to read them,
(d) one or both of the files are corrupt.

The channel is '????'; in some cases its name cannot be determined and so is
shown as '????'. The channel did not start.
ACTION:
Ensure that the key repository variable is set to where the key database file
is. Ensure that a password stash file has been associated with the key database
file in the same directory, and that the userid under which MQ is running has
read access to both files. If both are already present and readable in the
correct place, delete and recreate them. Restart the channel.

In the Internet I cannot find any explanation to this situation.
Thanks for help!!!
75H4_Yana_Konkina

I set next environment variable:

GMQ_MQ_LIB=mqic32.dll
MQSSLKEYR=c:\mqm\qutil
MQ_CONNECT_TYPE=CLIENT

I connect to QM on the local machine
Updated on 2012-04-24T18:43:23Z at 2012-04-24T18:43:23Z by SystemAdmin
  • Tom.Seelbach
    Tom.Seelbach
    11 Posts
    ACCEPTED ANSWER

    Re: Q Program, Working with SSL, Windows XP

    ‏2012-04-24T18:04:19Z  in response to SystemAdmin
    hi Yana,
    Seems like an MQ question? You may get better responses on WebSphere MQ forum: http://www.ibm.com/developerworks/forums/forum.jspa?forumID=280
    -Tom
    • SystemAdmin
      SystemAdmin
      126 Posts
      ACCEPTED ANSWER

      Re: Q Program, Working with SSL, Windows XP

      ‏2012-04-24T18:43:23Z  in response to Tom.Seelbach
      Hi, Tom.
      Thank you, I move my question to the forum that you recommend