0

Based upon thefollowing question:

Connecting to a Websphere MQ in Java with SSL/Keystore

I set up a Domino agent to access IBM MQ. However I get the message:

javax.jms.JMSException: MQJMS2005: failed to create MQQueueManager for 'ibmmq.mycorp.se:QMANAGER'

I am using the following code:

import lotus.domino.*;

import javax.jms.*;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

import com.ibm.mq.jms.JMSC;
import com.ibm.mq.jms.MQQueueConnectionFactory;

import java.io.InputStream;
import java.security.KeyStore;


public class JavaAgent extends AgentBase {

    /*   
     * not working. factory incorrect set?
     */

    private static final boolean debug = true;
    private static final boolean debugDefault = true;   


    String msg;

    public void NotesMain() {

        lotus.domino.Session s = getSession();
        OpenLogItem oli = new OpenLogItem(s);

        try {           
            msg = "Agent started";
            toLogDebug(msg);

            Environment env = setEnvVariables();

            InputStream res = this.getClass().getResourceAsStream("key.jks");
            char[] pw = {'p','a','s','s','w','o','r','d'};

            KeyStore ks;
            ks = KeyStore.getInstance("JKS");
            ks.load(res, pw);

            msg = "after keystore loaded";  
            toLogDebug(msg);

             // Create a keystore object for the truststore
            KeyStore trustStore = KeyStore.getInstance("JKS");

            InputStream res2 = this.getClass().getResourceAsStream("key.jks");


             // Open our file and read the truststore (no password)
            trustStore.load(res2, null);

            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

            keyManagerFactory.init(ks, pw);
            trustManagerFactory.init(trustStore);

            msg = "After Managers .init.";  
            toLogDebug(msg);                

            SSLContext sslContext = SSLContext.getInstance("SSL_TLS");

            msg = "SSLContext provider: " + sslContext.getProvider().toString();
            toLogDebug(msg);    

            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

            msg = "After sslContext.init."; 
            toLogDebug(msg);

            SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

            msg = "After getSocketFactory()";   
            toLogDebug(msg);

            // Create default MQ connection factory
            MQQueueConnectionFactory factory = new MQQueueConnectionFactory();

            msg = "After MQQueueConnectionFactory()";   
            toLogDebug(msg);

            // Customize the factory
             factory.setSSLSocketFactory(sslSocketFactory);
             // Use javac SSLTest.java -Xlint:deprecation
             factory.setTransportType(JMSC.MQJMS_TP_CLIENT_MQ_TCPIP);
             factory.setQueueManager(env.getQueManager());
             factory.setHostName(env.getHost());
             factory.setChannel(env.getChannel());
             factory.setPort(env.getPort());
             factory.setSSLFipsRequired(false);
             factory.setSSLCipherSuite("TLS_RSA_WITH_AES_256_CBC_SHA256");

             msg = "After factory set"; 
             toLogDebug(msg);

             QueueConnection connection = null;
             connection = factory.createQueueConnection("",""); //empty user, pass to avoid MQJMS2013 messages

             msg = "after createQueueConnection(\"\",\"\")";
             toLogDebug(msg);

             connection.start();
             msg = "JMS SSL client connection started!";
             toLogDebug(msg);
             connection.close();

            msg =  "Agent done!";
            toLogDebug(msg);
         } catch (JMSException ex) {
             oli.logError(ex);
          } catch (Exception ex){
             oli.logError(ex);
          }
    }

    public Environment setEnvVariables(){

        Environment env = null;

        lotus.domino.Session s = getSession();
        try{
            Database adminDb = s.getCurrentDatabase();
            if (adminDb.isOpen()){
                View adminVw = adminDb.getView("settings");
                if (null != adminVw){
                    adminVw.setAutoUpdate(false);
                    Document adminDoc = adminVw.getFirstDocument();
                    if (null != adminDoc){

                        env = new Environment();
                        if (adminDoc.hasItem("mqhost")){                            
                            env.setHost(adminDoc.getItemValueString("mqhost"));
                        }
                        if (adminDoc.hasItem("mqport")){
                            env.setPort(Integer.parseInt(adminDoc.getItemValueString("mqport")));
                        }
                        if (adminDoc.hasItem("mqchannel")){
                            env.setChannel(adminDoc.getItemValueString("mqchannel"));
                        }
                        if (adminDoc.hasItem("mqquemanager")){
                            env.setQueManager(adminDoc.getItemValueString("mqquemanager"));
                        }                   

                    }
                }

            }
        }catch(Exception e){
            //
        }

        return env;

    }

    public void toLogDebug(String msg){
        if (debug){
            lotus.domino.Session session = getSession();
            OpenLogItem oli = new OpenLogItem(session);
            oli.logEvent(msg, OpenLogItem.SEVERITY_LOW, null);
        }
    }

    public void toLogDefault(String msg){
        if (debugDefault){
            lotus.domino.Session session = getSession();
            OpenLogItem oli = new OpenLogItem(session);
            oli.logEvent(msg, OpenLogItem.SEVERITY_HIGH, null);
        }
    }

    public class Environment{

        String host;
        int port;
        String channel;
        String queManager;

        lotus.domino.Session s = getSession();
        OpenLogItem oli = new OpenLogItem(s);

        public Environment(){
            oli.logEvent("Environment constructor", OpenLogItem.SEVERITY_LOW, null);
        }

        public String getHost() {
            return host;
        }

        public void setHost(String host) {
            this.host = host;
        }

        public int getPort() {
            return port;
        }

        public void setPort(int port) {
            this.port = port;
        }

        public String getChannel() {
            return channel;
        }

        public void setChannel(String channel) {
            this.channel = channel;
        }

        public String getQueManager() {
            return queManager;
        }

        public void setQueManager(String queManager) {
            this.queManager = queManager;
        }       
    }


}

I am storing my environment variables in a Notes keyword document. Does anyone has a clue why this code breaks at:

connection = factory.createQueueConnection("","");

?

The key file is included as a resource with the agent and was provided to me.

Patrick Kwinten
  • 1,988
  • 2
  • 14
  • 26

1 Answers1

0

Does anyone has a clue why this code breaks at:

connection = factory.createQueueConnection("","");

That is the line of code that actually causes the client to connect to the queue manager. Are you using an IBM JRE or Oracle JRE? What is the error message in the queue manager error log?

You are supplying a blank UserId and Password. Very bad idea. Also, the queue manager's CHLAUTH rules should block a blank UserId.

Roger
  • 7,062
  • 13
  • 20
  • Hi Roger, I set my agent to user a provided user ID, password, also the keystore is setup for this user. Nevertheless I remain stuck at the part where I create a queconnection for the MQQueueconnectionfactory. Is there anyway to investigate which part of the factorysetting could cause a problem? – Patrick Kwinten Jul 05 '17 at 07:55
  • Here is my error message: javax.jms.JMSException: MQJMS2005: failed to create MQQueueManager for 'ibmmq.mycorp.se:QMANAGER' at com.ibm.mq.jms.services.ConfigEnvironment.newException(ConfigEnvironment.java:586) at com.ibm.mq.jms.MQConnection.createQM(MQConnection.java:2110) at – Patrick Kwinten Jul 05 '17 at 07:55
  • com.ibm.mq.jms.MQConnection.createQMNonXA(MQConnection.java:1532) at com.ibm.mq.jms.MQQueueConnection.(MQQueueConnection.java:150) at com.ibm.mq.jms.MQQueueConnectionFactory.createQueueConnection(MQQueueConnectionFactory.java:185) at JavaAgent.NotesMain(Unknown Source) at lotus.domino.AgentBase.runNotes(Unknown Source) at lotus.domino.NotesThread.run(Unknown Source) – Patrick Kwinten Jul 05 '17 at 07:55
  • @PatrickKwinten, as Roger already asked "What is the error message in the queue manager error log?". Also it is much better to edit your question and provide additional details since you can format the error messages. In comments you can not format them. – JoshMc Jul 05 '17 at 12:27
  • I found a clue via looping through the exception. catch (JMSException ex) { oli.logError(ex); Throwable innerException = ex.getLinkedException(); if (innerException != null) { msg = "Inner exception(s):"; toLogDebug(msg); } while (innerException != null) { msg = innerException.toString(); toLogDebug(msg); innerException = innerException.getCause(); } } catch (Exception ex){ oli.logError(ex); } – Patrick Kwinten Jul 05 '17 at 12:36
  • I asked you 2 questions above and you have not answered either. – Roger Jul 06 '17 at 18:21