Websphere 希望使用IBM MQ系列而不是JMS连接到MQ。我的应用程序将部署在WAS上,Q Manager位于另一台服务器上。如何通过conn Param?
有关如何将信任库和密钥库路径传递到应用程序的任何信息。因为我的应用程序将托管在WAS(Web应用服务器)上,而MQ将部署在某台远程机器上。如何将SSL证书传递到我的应用程序中,以便与MQ对话。 如有任何提示或澄清,将不胜感激Websphere 希望使用IBM MQ系列而不是JMS连接到MQ。我的应用程序将部署在WAS上,Q Manager位于另一台服务器上。如何通过conn Param?,websphere,ibm-mq,Websphere,Ibm Mq,有关如何将信任库和密钥库路径传递到应用程序的任何信息。因为我的应用程序将托管在WAS(Web应用服务器)上,而MQ将部署在某台远程机器上。如何将SSL证书传递到我的应用程序中,以便与MQ对话。 如有任何提示或澄清,将不胜感激 我被你列出的东西弄糊涂了。您正在显示C#.NET代码,但询问的是Java(不是JMS)和WAS 首先,不要将MQEnvironment类与使用具有MQ连接信息的哈希表混合使用。不要使用MQEnvironment类,因为它不是线程安全的 基本信息: Java使用JKS类型(
我被你列出的东西弄糊涂了。您正在显示C#.NET代码,但询问的是Java(不是JMS)和WAS 首先,不要将MQEnvironment类与使用具有MQ连接信息的哈希表混合使用。不要使用MQEnvironment类,因为它不是线程安全的 基本信息:
- Java使用JKS类型(.JKS)密钥库,而MQ使用CMS类型(.kdb) 密钥库
- 在通道上启用SSL/TLS时,始终需要使用信任库对队列管理器进行身份验证
- 对于“相互身份验证”(可选),您的私有证书还需要密钥库
- Java使用CipherSuite,而MQ使用CipherSpec。有关更多信息,请参阅,并注意您正在使用的JVM
- 根据您的JVM,您可能希望将com.ibm.mq.cfg.useIBMCipherMappings的JVM环境变量设置为true或false(对于ibm JRE为true,否则为false)
public void connect()抛出MQException、MalformedURLException、ClassNotFoundException、InstantiationException、IllegaAccessException、InvalidAlgorithmParameterException、NoSuchAlgorithmException、Exception
{
debug(“正在尝试连接到队列管理器”“+mqo.qMgrName+”);
MQException.log=null;
if(mqo.channelName!=null)
{
Hashtable mqht=新的Hashtable();
mqht.put(CMQC.CHANNEL_属性,mqo.channelName);
put(CMQC.HOST\u NAME\u属性,mqo.hostname);
put(CMQC.PORT_属性,新整数(mqo.PORT));
if(mqo.userID!=null)
put(CMQC.USER\u ID\u属性,mqo.userID);
如果(mqo.password!=null)
mqht.put(CMQC.PASSWORD_属性,mqo.PASSWORD);
/*
*SSL
*/
if(mqo.cipherSuiteName!=null)
mqht.put(CMQC.SSL\u CIPHER\u SUITE\u属性,mqo.cipherSuiteName);
if(mqo.differentiedName!=null)
mqht.put(CMQC.SSL_PEER_NAME_属性,mqo.discrimitedName);
if(mqo.trustedStore!=null)
setProperty(“javax.net.ssl.trustStore”,mqo.trustedStore);
if(mqo.trustedStorePasswd!=null)
setProperty(“javax.net.ssl.trustStorePassword”,mqo.trustedStorePasswd);
if(mqo.keyStore!=null)
setProperty(“javax.net.ssl.keyStore”,mqo.keyStore);
if(mqo.keyStorePasswd!=null)
setProperty(“javax.net.ssl.keystrepassword”,mqo.keystrepasswd);
if(((mqo.ldapServer!=null))&&(mqo.ldapServer!=0))
{
ldapcertstorepartments ldapcsparms=新的ldapcertstorepartments(mqo.ldapServer,mqo.ldapServerPort);
CertStore cs=CertStore.getInstance(“LDAP”,ldapcsparms);
ArrayList al=新的ArrayList();
增补(cs);
mqht.put(CMQC.SSL证书存储属性,al);
}
枚举名称=mqht.keys();
字符串键;
while(names.hasMoreElements())
{
key=(字符串)names.nextElement();
if(CMQC.PASSWORD\u PROPERTY.equalsIgnoreCase(key))
{
字符串pwd=(字符串)mqht.get(键);
UFM.logger.info(“connect()”+key+“length是”“+”(pwd==null?“null”:pwd.length()+”)+“”;
}
其他的
UFM.logger.info(“connect()”+key+“=””+mqht.get(key)+“”;
}
_qMgr=新的MQQueueManager(mqo.qMgrName,mqht);
UFM.logger.info(“使用“+mqo.channelName+”和“+mqo.hostname+”(“+mqo.port+”)成功连接到“+mqo.qMgrName+”);
}
else if(mqo.CCDTFile!=null)
{
字符串trustedStore=System.getenv(“MQSSLKEYR”);
if(trustedStore!=null)
setProperty(“javax.net.ssl.trustStore”,trustedStore+“.jks”);
File File=新文件(mqo.CCDTFile);
URL=file.toURL();
if(mqo.userID!=null)
{
Hashtable mqht=新的Hashtable();
put(CMQC.USER\u ID\u属性,mqo.userID);
如果(mqo.password!=null)
mqht.put(CMQC.PASSWORD_属性,mqo.PASSWORD);
_qMgr=新的MQQueueManager(mqo.qMgrName、mqht、url);
UFM.logger.info(“使用带有UserID的“+mqo.CCDTFile+”成功连接到“+mqo.qMgrName+”);
}
其他的
{
_qMgr=新的MQQueueManager(mqo.qMgrName,url);
UFM.logger.info(“使用”+mqo.CCDTFile成功连接到”+mqo.qMgrName+);
}
}
其他的
{
_qMgr=新的MQQueueManager(mqo.qMgrName);
UFM.logger.info(“成功连接到”+mqo.qMgrName);
}
}
不确定我是否理解正确。有关如何设置Java系统属性的信息,请参阅。但根据我的经验,最好使用配置。您应该使用WebSphere中包含的WebSphere MQ provider,并通过控制台正确配置连接工厂和队列-在WebSphere上部署的应用程序中没有硬编码这些值的意义,您也不应该直接更改ssl设置,而应该使用WAS中的ssl配置,
using IBM.WMQ;
using System;
using System.Collections;
using System.Text;
namespace MQTest
{
class Program
{
static void Main(string[] args)
{
string strQueueManagerName = "QM";
string strChannelName = "CHANNEL1";
string strQueueName = "QUEUE1";
string strServerName = "127.0.0.1";
int intPort = 1414;
string strMsg = "Hello IBM, this is a message";
MQEnvironment.SSLCipherSpec = "TLS_RSA_WITH_AES_256_CBC_SHA256";
Hashtable queueProperties = new Hashtable
{
{ MQC.HOST_NAME_PROPERTY, strServerName },
{ MQC.CHANNEL_PROPERTY, strChannelName },
{ MQC.PORT_PROPERTY, intPort },
{ MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_MANAGED }
};
//Set Username
//MQEnvironment.UserId = "User";
//Set Passowrd
//MQEnvironment.Password = "123";
//Define a Queue Manager
try
{
MQQueueManager myQM = new MQQueueManager(strQueueManagerName, queueProperties);
//Define a Message
MQMessage queueMessage = new MQMessage();
queueMessage.Format = MQC.MQFMT_STRING;
queueMessage.CharacterSet = Encoding.UTF8.CodePage;
queueMessage.Write(Encoding.UTF8.GetBytes(strMsg));
//Define a Queue
var queue = myQM.AccessQueue
(strQueueName, MQC.MQOO_OUTPUT + MQC.MQOO_FAIL_IF_QUIESCING);
MQPutMessageOptions queuePutMessageOptions = new MQPutMessageOptions();
queue.Put(queueMessage, queuePutMessageOptions);
queue.Close();
Console.WriteLine("Success");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
Console.ReadLine();
}
}
}
-Djavax.net.ssl.keyStore=keystore.ks -Djavax.net.ssl.keyStorePassword=x
-Djavax.net.ssl.trustStore=keystore.ks -Djavax.net.ssl.trustStorePassword=x
public void connect() throws MQException, MalformedURLException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, Exception
{
UFM.logger.debug("Attempting to connect to queue manager '"+mqo.qMgrName+"'");
MQException.log = null;
if (mqo.channelName != null)
{
Hashtable<String,Object> mqht = new Hashtable<String,Object>();
mqht.put(CMQC.CHANNEL_PROPERTY, mqo.channelName);
mqht.put(CMQC.HOST_NAME_PROPERTY, mqo.hostname);
mqht.put(CMQC.PORT_PROPERTY, new Integer(mqo.port));
if (mqo.userID != null)
mqht.put(CMQC.USER_ID_PROPERTY, mqo.userID);
if (mqo.password != null)
mqht.put(CMQC.PASSWORD_PROPERTY, mqo.password);
/*
* SSL
*/
if (mqo.cipherSuiteName != null)
mqht.put(CMQC.SSL_CIPHER_SUITE_PROPERTY, mqo.cipherSuiteName);
if (mqo.distinguishedName != null)
mqht.put(CMQC.SSL_PEER_NAME_PROPERTY, mqo.distinguishedName);
if (mqo.trustedStore != null)
System.setProperty("javax.net.ssl.trustStore", mqo.trustedStore);
if (mqo.trustedStorePasswd != null)
System.setProperty("javax.net.ssl.trustStorePassword", mqo.trustedStorePasswd);
if (mqo.keyStore != null)
System.setProperty("javax.net.ssl.keyStore", mqo.keyStore);
if (mqo.keyStorePasswd != null)
System.setProperty("javax.net.ssl.keyStorePassword", mqo.keyStorePasswd);
if ( ((mqo.ldapServer != null)) && (mqo.ldapServerPort != 0) )
{
LDAPCertStoreParameters ldapcsparms = new LDAPCertStoreParameters(mqo.ldapServer, mqo.ldapServerPort);
CertStore cs = CertStore.getInstance("LDAP", ldapcsparms);
ArrayList al = new ArrayList();
al.add(cs);
mqht.put(CMQC.SSL_CERT_STORE_PROPERTY, al);
}
Enumeration<String> names = mqht.keys();
String key;
while(names.hasMoreElements())
{
key = (String) names.nextElement();
if (CMQC.PASSWORD_PROPERTY.equalsIgnoreCase(key))
{
String pwd = (String)mqht.get(key);
UFM.logger.info("connect() " + key + " length is '" + (pwd == null?"null":pwd.length()+"") +"'");
}
else
UFM.logger.info("connect() " + key + "='" + mqht.get(key)+"'");
}
_qMgr = new MQQueueManager(mqo.qMgrName, mqht);
UFM.logger.info("Successfully connected to " + mqo.qMgrName + " using " + mqo.channelName + " and " + mqo.hostname+"("+mqo.port+")");
}
else if (mqo.CCDTFile != null)
{
String trustedStore = System.getenv("MQSSLKEYR");
if (trustedStore != null)
System.setProperty("javax.net.ssl.trustStore", trustedStore + ".jks");
File file = new File(mqo.CCDTFile);
URL url = file.toURL();
if (mqo.userID != null)
{
Hashtable<String,Object> mqht = new Hashtable<String,Object>();
mqht.put(CMQC.USER_ID_PROPERTY, mqo.userID);
if (mqo.password != null)
mqht.put(CMQC.PASSWORD_PROPERTY, mqo.password);
_qMgr = new MQQueueManager(mqo.qMgrName, mqht, url);
UFM.logger.info("Successfully connected to " + mqo.qMgrName + " using " + mqo.CCDTFile + " with UserID");
}
else
{
_qMgr = new MQQueueManager(mqo.qMgrName, url);
UFM.logger.info("Successfully connected to " + mqo.qMgrName + " using " + mqo.CCDTFile);
}
}
else
{
_qMgr = new MQQueueManager(mqo.qMgrName);
UFM.logger.info("Successfully connected to " + mqo.qMgrName);
}
}