Reputation: 1
Implement SSL in IBM MQ in Node js
Trying to publish and subscribe message from IBM MQ 9 which has Cipher suite, user id, password, mykey.kdb file for SSL connection. we are able to connect through SSL with java. but want to do same thing with node js. While trying to do so we are getting SSL_INITIALISATION_ERROR. In AMQERR01.LOG we are Seeing below error block:
AMQ6090I:MQM could not display text for error 3456322
COMMENTINSERT3(SSLCIPH(' ') -> SSLCIPH(???))
can anyone help me on connecting to MQ using NOde js?
Upvotes: 0
Views: 890
Answers (1)
Reputation: 4735
If you have TLS working with Java, then in most likelihood you have the server configured correctly.
To run a Node.js MQ Client in TLS mode needs code that sets the cipher spec and identifies the location of the client keys.
const KEY_REPOSITORY = "../keys/clientkey";
const CIPHER = "TLS_RSA_WITH_AES_128_CBC_SHA256";
var cno = new mq.MQCNO();
// code that sets up cno object
// like Options and MQCSP credentials
var cd = new mq.MQCD();
// And then fill in relevant fields for the MQCD
// like ChannelName and ConnectionName
// If running in TLS Mode
cd.SSLCipherSpec = CIPHER;
cd.SSLClientAuth = MQC.MQSCA_OPTIONAL;
var sco = new mq.MQSCO();
sco.KeyRepository = KEY_REPOSITORY;
// And make the CNO refer to the SSL Connection Options
cno.SSLConfig = sco;
For java you are most likely using a .jks client keystore. For MQI based Clients (Node, Python, Go, C), you need a key database and stash file.
As you will need to have installed the MQI client, you can run the runmqakm tool to create them:
runmqakm -keydb -create -db clientkey.kdb -pw tru5tpassw0rd -type pkcs12 -expire 1000 -stash
and import the server's public key certificate into the client key database
runmqakm -cert -add -label QM1.cert -db clientkey.kdb -pw tru5tpassw0rd -trust enable -file key.crt
Notice that I have called the keystore and stash clientkey. You can call them what ever you want, but in your node.js code set
sco.KeyRepository = KEY_REPOSITORY;
to point at your equivalent of clientkey
Upvotes: 3
Related Questions
- How to implement IBM MQ with Nodejs?
- How to establish SSL communication be IBM MQ & the MQ java client?
- How to use Keystore to connect to SSL enabled IBM MQ using NodeJS
- Could not Connect to IBMMQ 7.5 using SSL
- IBM MQ: Establishing an SSL connection
- ibm mq + ssl + self signed certs
- Configure IBM Websphere Mq server and a Java Client to Create SSL Connection
- Configure SSL for IBM MQ v7.5
- SSL connection to IBM MQ through ssl channel from java client
- SSL connect to MQ using .net mq client SSLV3?