JMS Connection Issue To Websphere MQ Via SSL Caused by: java.io.IOException: Invalid keystore format
(Doc ID 2374725.1)
Last updated on AUGUST 28, 2020
Applies to:Oracle WebLogic Server - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
JMS connection issue to Websphere MQ via SSL
WebLogic platform Middleware upgrade involves the connection to WebsphereMQ interface via SSL which gets an update from 18.104.22.168a to 22.214.171.124a and has been encrypted via SSL. At this update some SSL Ciphers are eliminated as insecure, that we need to change to TLS_RSA_WITH_AES_256_CBC_SHA256. Since this change we have difficulties to establish the SSL connection in direction WebsphereMQ. The required MQ client java libs (providerutil.jar, fscontext.jar, com.ibm.mqjms.jar and com.ibm.mq.jmqi.jar) have been copied from the 8 version in the DOMAIN/lib directory. The aforementioned Cipher have been entered in the template for the .bindings file and Dcom.ibm.mq.cfg.useIBMCipherMappings=false configured as Java-Arg. The client-certificate is stored in a JCEKS Keystore. In the server log we see then, that the connection attempt fails and as a cause a 'Caused by: java.io.IOException: Invalid keystore format' occurs. However, we do not have a plausible explanation for it..
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document