Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable
‎2015-11-13 11:41 PM

SSL connectivity to MQ Server from client

I have a Talend job that publishes messages to MQ on a remote Websphere MQ server. I used tMomOutput in the job. The job works fine. However, it doesn't work once the SSL security is enabled on the remote MQ server.  The cipher suite set on the MQ server is "SSL_RSA_WITH_DES_CBC_SHA".
I imported the signed certs of the remote MQ server in the client computer's trust-store and also set the cipher suite to "SSL_RSA_WITH_DES_CBC_SHA" (on the weblogic server where the Talend job is deployed). Also, I set the "CipherSpec" to "TRIPLE_DES_SHA_US" (that sets the cipher suite to "SSL_RSA_WITH_DES_CBC_SHA") in the tMomOutput component. The job fails with the following error:
"Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
        at sun.security.ssl.Handshaker.activate(Handshaker.java:503)
        at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1482)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1351)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
        at com.ibm.mq.SSLHelper.configureSSLSocket(SSLHelper.java:768)
        at com.ibm.mq.SSLHelper.createSSLSocket(SSLHelper.java:154)"
I am not sure what's causing this error. Could someone please help me? Am I missing any additional settings in Talend?
Thanks for your help.
Labels (3)
Labels
478 Views
7 Replies
Anonymous
Not applicable
‎2015-11-15 10:26 PM
Author

Hi,
Could you please try to use component TalendHelpCenter:tSetKeystore to submit authentication data of a truststore with keystore to validation for the SSL connection to see if it works?
Best regards
Sabrina
478 Views
0 Likes
Anonymous
Not applicable
‎2015-11-17 11:40 AM
Author

0683p000009MCCm.png Thanks, xdshi. 
I tried that, it doesn't work (deployed on weblogic). It throws this error:
 
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9771: SSL handshake failed. ,3=xxxxxx.xxxxx.com/xxx.xxx.xx.62:1414 (xxxxx.xxxxx.com),4=SSLSocket.startHandshake,5=default]
        at com.ibm.mq.jmqi.remote.impl.RemoteTCPConnection.protocolConnect(Remote
------------------
Although I imported the certs into DemoTrust.jks and the tSetKeyStore points to this file, its still failing. However, this job works fine from Talend OpenStudio and also works when I run as a Standalone job (using the .sh file)
Thanks again.
0683p000009MCJH.png
478 Views
0 Likes
AndreevYuri
Contributor
Contributor
‎2016-02-04 12:11 PM

Hi!
Always concentrate your attention on "cause" block:
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
http://stackoverflow.com/questions/28236091/how-to-enable-ssl-3-in-java
Also check General Java setting: Control Panel ->Java
Good Luck.
478 Views
0 Likes
Anonymous
Not applicable
‎2016-10-04 06:00 AM
Author

Hi 
Is this connection is successfully established, I am also getting same error

Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
        at sun.security.ssl.Handshaker.activate(Handshaker.java:503)
        at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1482)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1351)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
        at com.ibm.mq.SSLHelper.configureSSLSocket(SSLHelper.java:768)
        at com.ibm.mq.SSLHelper.createSSLSocket(SSLHelper.java:154)
        at com.ibm.mq.MQInternalCommunications.createSocketConnection(MQInternalCommunications.java:2288)
        at com.ibm.mq.MQv6InternalCommunications$1.run(MQv6InternalCommunications.java:166)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.ibm.mq.MQv6InternalCommunications.initialize(MQv6InternalCommunications.java:163)
        at com.ibm.mq.MQv6InternalCommunications.<init>(MQv6InternalCommunications.java:111)
        at com.ibm.mq.MQSESSIONClient.MQCONNX(MQSESSIONClient.java:1458)
        at com.ibm.mq.MQSESSIONClient.MQCONN(MQSESSIONClient.java:1369)
        at com.ibm.mq.MQManagedConnectionJ11.<init>(MQManagedConnectionJ11.java:252)
I am using tSetKeyStore component as well configured 
Thanks
Anil Kumar Burri
478 Views
0 Likes
Anonymous
Not applicable
‎2017-01-10 04:14 AM
Author

Hi 
Any Help !!
478 Views
0 Likes
gunjos
Contributor
Contributor
‎2018-11-16 11:42 AM

There is bug in Talend Component. We received fix the this on Talend 6.2 and 6.3. I am not sure about others.

478 Views
0 Likes
PChouhan1653056348
Contributor
Contributor
‎2022-05-20 11:45 AM

Hi,

Did your issue resolved ? I am also having similar problem where i am facing SSL error and unable to connect to my Remote Server . Can you tell me how do we install SSL certificates into our Talend and how do we use it for establishing connection

478 Views
0 Likes