My Oracle Support Banner

JMS Connection Issue To Websphere MQ Via SSL Caused by: java.io.IOException: Invalid keystore format (Doc ID 2374725.1)

Last updated on MARCH 23, 2018

Applies to:

Oracle WebLogic Server - Version 12.2.1.0.0 and later
Information in this document applies to any platform.

Symptoms

JMS connection issue to Websphere MQ via SSL

WebLogic platform Middleware upgrade involves the connection to WebsphereMQ interface via SSL which gets an update from 7.0.1.4a to 8.0.0.5a and has been encrypted via SSL. At this update some SSL Ciphers are eliminated as insecure, that we need to change to TLS_RSA_WITH_AES_256_CBC_SHA256. Since this change we have difficulties to establish the SSL connection in direction WebsphereMQ. The required MQ client java libs (providerutil.jar, fscontext.jar, com.ibm.mqjms.jar and com.ibm.mq.jmqi.jar) have been copied from the 8 version in the DOMAIN/lib directory. The aforementioned Cipher have been entered in the template for the .bindings file and Dcom.ibm.mq.cfg.useIBMCipherMappings=false configured as Java-Arg. The client-certificate is stored in a JCEKS Keystore. In the clust1.log we see then, that the connection attempt fails and as a cause a 'Caused by: java.io.IOException: Invalid keystore format' occurs. However, we do not have a plausible explanation for it..

Complete error:

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.