0

我对 HermesJMS 不是很熟悉。

我已将 HermesJMS 配置为在某个时候连接一些 MQ,它工作正常。然后我停止使用它。现在我正在尝试连接到同一组 MQ,但出现以下错误。

com.ibm.mq.MQException: MQJE001: Completion Code 2, Reason 2397
at com.ibm.mq.MQManagedConnectionJ11.<init>(MQManagedConnectionJ11.java:282)
at com.ibm.mq.MQClientManagedConnectionFactoryJ11._createManagedConnection(MQClientManagedConnectionFactoryJ11.java:301)
at com.ibm.mq.MQClientManagedConnectionFactoryJ11.createManagedConnection(MQClientManagedConnectionFactoryJ11.java:323)
at com.ibm.mq.StoredManagedConnection.<init>(StoredManagedConnection.java:84)
at com.ibm.mq.MQSimpleConnectionManager.allocateConnection(MQSimpleConnectionManager.java:173)
at com.ibm.mq.MQQueueManagerFactory.obtainBaseMQQueueManager(MQQueueManagerFactory.java:795)
at com.ibm.mq.MQQueueManagerFactory.procure(MQQueueManagerFactory.java:709)
at com.ibm.mq.MQQueueManagerFactory.constructQueueManager(MQQueueManagerFactory.java:664)
at com.ibm.mq.MQQueueManagerFactory.createQueueManager(MQQueueManagerFactory.java:160)
at com.ibm.mq.MQQueueManager.<init>(MQQueueManager.java:554)
at com.ibm.mq.MQSPIQueueManager.<init>(MQSPIQueueManager.java:62)
at com.ibm.mq.jms.MQConnection.createQM(MQConnection.java:2513)
at com.ibm.mq.jms.MQConnection.createQMNonXA(MQConnection.java:1936)
at com.ibm.mq.jms.MQQueueConnection.<init>(MQQueueConnection.java:161)
at com.ibm.mq.jms.MQQueueConnectionFactory.createQueueConnection(MQQueueConnectionFactory.java:222)
at com.ibm.mq.jms.MQQueueConnectionFactory.createConnection(MQQueueConnectionFactory.java:1077)
at hermes.impl.jms.ConnectionManagerSupport.createConnection(ConnectionManagerSupport.java:126)
at hermes.impl.jms.ConnectionSharedManager.reconnect(ConnectionSharedManager.java:77)
at hermes.impl.jms.ThreadLocalSessionManager.reconnect(ThreadLocalSessionManager.java:148)
at hermes.impl.DefaultHermesImpl.reconnect(DefaultHermesImpl.java:130)
at hermes.impl.DefaultHermesImpl.getDestination(DefaultHermesImpl.java:364)
at hermes.browser.tasks.BrowseDestinationTask.invoke(BrowseDestinationTask.java:141)
at hermes.browser.tasks.TaskSupport.run(TaskSupport.java:175)
at hermes.browser.tasks.ThreadPool.run(ThreadPool.java:170)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.ibm.mq.SSLHelper.configureSSLSocket(SSLHelper.java:768)
at com.ibm.mq.SSLHelper.createSSLSocket(SSLHelper.java:154)
at com.ibm.mq.MQInternalCommunications.createSocketConnection(MQInternalCommunications.java:2335)
at com.ibm.mq.MQv6InternalCommunications$1.run(MQv6InternalCommunications.java:169)
at java.security.AccessController.doPrivileged(Native Method)
at com.ibm.mq.MQv6InternalCommunications.initialize(MQv6InternalCommunications.java:166)
at com.ibm.mq.MQv6InternalCommunications.<init>(MQv6InternalCommunications.java:114)
at com.ibm.mq.MQSESSIONClient.MQCONNX(MQSESSIONClient.java:1458)
at com.ibm.mq.MQSESSIONClient.spiConnect(MQSESSIONClient.java:4610)
at com.ibm.mq.MQManagedConnectionJ11.<init>(MQManagedConnectionJ11.java:246)
... 24 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 42 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 48 more

我知道这与证书有关,因为它提供 SSLHandshakeException,但我不太确定应该在哪里检查配置。据我所知,配置没有变化。(我不能确定这一点,因为 MQ 由不同的团队管理,他们不会费心将更改传达给世界其他地方)。

如何验证并确认是证书问题而不是其他配置问题。

4

1 回答 1

0

如果您在配置中没有进行任何更改,最有可能的是服务端点更改或更新其服务器域证书,因此它不再是您的配置的受信任证书。

要解决此问题,您需要在您的信任库中添加证书颁发机构(或直接添加自签名证书的服务器域证书)。

SOAPUI 它是基于 Java 的,并且 Java 带有自己的truststore。好的做法是将CA证书添加到您的信任库(但也可以只添加服务器证书)。您可以使用keytool以下命令添加它:

keytool -import -alias <someAlias> -file <certificatePath> -keystore <trustStorePath>

取决于您的SOAPUI安装,信任库位置可能会有所不同,如果您在SOAPUI中捆绑了JRE ,那么您的信任库在,如果没有,那么在运行SOAPUI的Java安装中(两者的默认密码都是)。SOAPUI_HOME/jre/lib/security/cacerts$JAVA_HOME/JRE/Security/cacertschangeit

希望能帮助到你,

于 2016-03-18T09:08:46.190 回答