Troubleshooting
Problem
After setting CERTLABL for an SSL channel on MQ Server, DataPower can no longer connect to that channel.
Symptom
When CERTLABL is configured on the channel that DataPower is using to connect to queue manager, the connection would fail and DataPower MQ Queue Manager object would be down.
The following errors will be seen in the DataPower logs:
The following errors will be seen in the DataPower logs:
-
- [mq][error] mq-qm(mqqm): tid(238161): test connection failed (2539)
[mq][error] mq-qm(mqqm): tid(238161): Queue Manager Error: 'mq-server.ibm.com:1111' ''. Reason code - 2539
The reason code is: 2539 0x000009eb MQRC_CHANNEL_CONFIG_ERROR
- [mq][error] mq-qm(mqqm): tid(238161): test connection failed (2539)
- AMQ9673: The channel 'SSL.SVRCONN.2' did not send the correct certificate to
the remote peer.
- EXPLANATION:
- The SSL or TLS channel 'SSL.SVRCONN.2' is configured to use certificate label
'SSL.SVRCONN.2'. However, the remote peer did not send the necessary
information to allow the local channel to use the correct certificate. The
remote host is 'datapower (xxx.xxx.xxx.xxx)'.
- The SSL or TLS channel 'SSL.SVRCONN.2' is configured to use certificate label
-
- This error occurs when the local channel definition has a certificate label and
the remote peer does not support selection of certificates.
The channel did not start.
- This error occurs when the local channel definition has a certificate label and
- ACTION:
- Ensure that the remote peer supports certificate label configuration. Refer to
the Security section of the WebSphere MQ Information Center for details of
certificate label requirements. Alternatively, alter the local channel
definition so that it does not specify a certificate label.
- Ensure that the remote peer supports certificate label configuration. Refer to
[{"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"General","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"7.2","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
19 March 2020
UID
swg21903494