Looking for details around SSL configuration for JMS Websphere MQ. Please share your experience.
Akhil, et al,
I was able to implement SSL on the WebSphere MQ connector. There are two things that need to be done outside of the AtomSphere tool to get it to work.
#1 - A certificate needs to be added to the truststore for peer authentication. Typically Boomi will load certificates into the keystore for self authentication. Because it is a truststore cert, the file that needs to be received from WebSphere MQ to load into the cacerts is a *.arm. Here were the commands (Linux) we used to install the
keytool -import -file <cert name>.arm -keystore cacerts keytool -changealias -alias mykey -destalias <cert name> -keystore cacerts
#2 - The atom.vmoptions file in the ../bin directory. needs to be updated with the following:
-Dcom.ibm.mq.cfg.useIBMCipherMappings=false then restart Atom.
This should help anyone trying to get SSL working with WebSphere MQ.
Some testing of JMS SSL with ActiveMQ was implemented last year and was proven at least once in our labs. We are checking internally about JMS SSL with WebSphere MQ.
Any update around this piece. We are trying to configure SSL when trying to connect with Websphere MQ and it would be helpful if you can provide us the steps how to configure it.
Thanks and Regards
We are trying to connect to ActiveMQ over SSL and running into below error. Can you please let us know if there is any setups required that was tested in your labs.
Error: Unable to send JMS message; Caused by: Cannot send, channel has already failed: tcp://10.10.40.83:61617
This is our setup for provider URL
I followed the same process as mentioned by you. But when I run the process I am getting below error :
error : Caused by: JMSWMQ0018: Failed to connect to queue manager 'QMDCARES02' with connection mode 'Client' and host name 'ldil0219c1mq01.cardinalhealth.net'.; Caused by: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2400' ('MQRC_UNSUPPORTED_CIPHER_SUITE').
I am using TLS_RSA_WITH_AES_128_CBC_SHA and same is configured at MQ end. Could you please suggest the options to resolve this issue.
Thanks for your support !!
Retrieving data ...