MQ Client connection with SSL Enabled

Question

I have a .net mq client trying to connect to mq server with ssl enabled. I have the certificate installed on the client machine. Below is the code i use to connect to MQ Server.I have created a keydatabase file using ikeyman added the private key and root and intermediate certificates to the .kdb file

            prop.Add(MQC.HOST_NAME_PROPERTY, "xx.xx.xx.xxx");
            prop.Add(MQC.CHANNEL_PROPERTY, "xxx");
            prop.Add(MQC.PORT_PROPERTY, "xxx"));
            prop.Add(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_MANAGED);
            prop.Add(MQC.CONNECT_OPTIONS_PROPERTY, MQC.MQCNO_RECONNECT_Q_MGR);
            prop.Add(MQC.SSL_CIPHER_SUITE_PROPERTY, "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
            prop.Add(MQC.SSL_CERT_STORE_PROPERTY, "xxx\\xxx\\");
            prop.Add(MQC.SSL_CIPHER_SPEC_PROPERTY, "TRIPLE_DES_SHA_US");
            qmanager = new MQQueueManager("xxx", props);                  

            queue = qmanager.AccessQueue("xxx",
                     MQC.MQOO_INPUT_AS_Q_DEF + MQC.MQOO_FAIL_IF_QUIESCING);

when it tries to connect to the queue manager client throws an exception AMQ9665: SSL connection closed by remote end of channel ''. . Please help

Do you find a solution for TRANSPORT_MQSERIES_MANAGED ssl connection? — Bilgehan

Roger Roger · Accepted Answer · 2016-01-06T22:15:18

Yes. You will likely need:

prop.Add(MQC.SSL_CERT_STORE_PROPERTY, sslKeyRepository);;
prop.Add(MQC.SSL_CIPHER_SPEC_PROPERTY, "TLS_RSA_WITH_AES_128_CBC_SHA256");

Please read the MQ Knowledge Center here for more information.

MQ Client connection with SSL Enabled

1 Answers