Monday, June 15, 2015

Connecting IBM MQ with WSO2 ESB via SSL (Mutual Authentication)

Thought of writing this blog because very recently we a had use-case to demonstrate this particular features, but not like other MQ, IBM MQ gave us a hard time to figure out and fix the puzzle. On the other hand WSO2 ESB to MQ connection via SSL quite important and the most trick part is to learn the materials provided by IBM, this blog covers connecting IBM MQ 8.0 with Fix pack released for MQ SSL related issues MQ please find the detail [2][4]

  • First tricky part is to define a certificate repository correctly best way learn this is to study [1], please find the  key repository detail I have configured.

  • Once you do that, next most important part is setting key repositories to MQ connection managers, you need to give the path in which the key repository has stored

  • Then you need to follow the same procedure to create connection with .binding  [3]
  • Once do that you need to provide the SSL cipher spec which suppose to use there are few algorithms but remember that with IBM MQ 8.0 onwards SSL V3 support is deprecated thus you need to use the latest java client libraries to connect the queue.
  • Please read [5] the changes that accommodated in IBM MQ 8.0

  • There were lots of class loader issues, it was due to MQ 7.0.0 client libraries conflict and we have created new OSGI jar bundle to resolve this puzzle, please find the latest jars which you must put in ESB dropping folder and make sure only those two jars only required for connect latest MQ 8.0 otherwise you will get tons of connection related issues.
  • Then when you start ESB you need to include the cipher spec as environment variable, please make sure to modify with