原始问题:https ://github.com/dsuch/pymqi/issues/181
你好!
我的 MQ 客户端版本是 9.0.0.3-IBM-MQC-LinuxX64 应用程序在容器中工作,编排是 Openshift 3.0。
Cert reqs 由以下命令创建:
runmqckm -certreq -create -db od99usr.kdb -pw pw -label ibmwebspheremqod99usr -dn dn -size 2048 -file od99usr.csr -sig_alg SHA256WithRSA
我的应用程序的部分代码:
key_repo_location = settings.MQ_KEY_REPO_LOCATION
conn_info = "%s(%s)" % (host, port)
ssl_cipher_spec = 'TLS_RSA_WITH_AES_128_CBC_SHA256'
cd = pymqi.CD()
cd.ChannelName = channel
cd.ConnectionName = conn_info
cd.ChannelType = pymqi.CMQC.MQCHT_CLNTCONN
cd.TransportType = pymqi.CMQC.MQXPT_TCP
cd.SSLCipherSpec = ssl_cipher_spec
cd.CertificateLabel = "ibmwebspheremqod99usr"
# SCO
sco = pymqi.SCO()
sco.CertificateLabel = "ibmwebspheremqod99usr"
sco.KeyRepository = key_repo_location
来自容器的 Whoaim:
whoami
whoami: cannot find name for user ID 1007400000
当我尝试连接时,出现以下 python 错误:
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/celery/app/trace.py", line 385, in trace_task
R = retval = fun(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/celery/app/trace.py", line 648, in __protected_call__
return self.run(*args, **kwargs)
File "/code/base/tasks.py", line 22, in get_create_incident_results
mq = MQConnection()
File "/code/base/mq.py", line 39, in __init__
self.qmgr.connect_with_options(queue_manager, cd, sco)
File "/usr/local/lib64/python3.6/site-packages/pymqi/__init__.py", line 1412, in connectWithOptions
raise MQMIError(rv[1], rv[2])
pymqi.MQMIError: MQI Error. Comp: 2, Reason 2381: FAILED: MQRC_KEY_REPOSITORY_ERROR
在 /var/mqm/errors/*log 我有:
----- amqxfdcx.c : 891 --------------------------------------------------------
04/21/2020 03:27:36 PM - Process(37.1) User(UNKNOWN) Program(celery)
Host(sdsa-47-4rgwt) Installation(Installation1)
VRMF(9.0.0.3) QMgr(.)
AMQ9627: The path and stem name for the SSL key repository have not been
specified.
EXPLANATION:
The directory path and file stem name for the SSL key repository have not been
specified. On a MQ client system there is no default location for this file.
SSL connectivity is therefore impossible as this file cannot be accessed.
ACTION:
Use the MQSSLKEYR environment variable or MQCONNX API call to specify the
directory path and file stem name for the SSL key repository.
你能解释一下我的错误在哪里吗?我还尝试更改
sco.CertificateLabel为“od99usr”删除并添加cd.CertificateLabel
但得到相同的错误=(
编辑:
$ oc rsh pod
echo $HOME; ls -ls $HOME
/
total 0
0 lrwxrwxrwx. 1 root root 7 Sep 19 2018 bin -> usr/bin
0 dr-xr-xr-x. 2 root root 6 Dec 14 2017 boot
0 drwxrwxrwx. 1 od99usr od99usr 69 Apr 21 19:09 code
0 drwxr-xr-x. 5 root root 360 Apr 21 19:08 dev
0 drwxr-xr-x. 1 root root 66 Apr 21 19:08 etc
0 drwxr-xr-x. 2 root root 6 Sep 19 2018 home
0 lrwxrwxrwx. 1 root root 7 Sep 19 2018 lib -> usr/lib
0 lrwxrwxrwx. 1 root root 9 Sep 19 2018 lib64 -> usr/lib64
0 drwxr-xr-x. 2 root root 6 Dec 14 2017 media
0 drwxr-xr-x. 2 root root 6 Dec 14 2017 mnt
0 drwxr-xr-x. 1 root root 17 Apr 21 13:33 opt
0 drwxr-xr-x. 3 od99usr root 21 Apr 21 13:36 oracle
0 dr-xr-xr-x. 391 root root 0 Apr 21 19:08 proc
0 dr-xr-x---. 1 root root 23 Sep 19 2018 root
0 drwxrwxrwx. 1 root root 23 Apr 21 19:08 run
0 lrwxrwxrwx. 1 root root 8 Sep 19 2018 sbin -> usr/sbin
0 drwxr-xr-x. 2 root root 6 Dec 14 2017 srv
0 dr-xr-xr-x. 13 root root 0 Aug 30 2019 sys
0 drwxrwxrwx. 1 root root 73 Apr 21 19:10 tmp
0 drwxr-xr-x. 1 root root 19 Sep 19 2018 usr
0 drwxr-xr-x. 1 root root 39 Apr 21 13:33 var