My Oracle Support Banner

E-IB: Getting Error javax.net.ssl.SSLHandshakeException Between Integration Broker And MQ Server (Doc ID 2376856.1)

Last updated on MARCH 22, 2018

Applies to:

PeopleSoft Enterprise PT PeopleTools - Version 8.56 and later
Information in this document applies to any platform.

Symptoms

On PeopleTools: 8.56

Getting SSL Handshake error between Integration Broker and MQ server.

Error Message:

com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'OL01OCS' with connection mode 'Client' and host name 'sf1-cannon1-ilb-mq.xxx.com(1480)'.
....
Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere MQ call failed with compcode '2' ('MQCC_FAILED') reason '2397' ('MQRC_JSSE_ERROR').
at com.ibm.msg.client.wmq.common.internal.Reason.createException(Reason.java:203)
... 15 more
Caused by: com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9204: Connection to host 'sf1-cannon1-ilb-mq.xxx.com(1480)' rejected. [1=com.ibm.mq.jmqi.JmqiException[CC=2;RC=2397;AMQ9771: SSL handshake failed. [1=javax.net.ssl.SSLHandshakeException[sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target],3=sf1-cannon1-ilb-mq.xxx.com/10.46.107.211:1480 (sf1-cannon1-ilb-mq.xxx.com),4=SSLSocket.startHandshake,5=default]],3=sf1-cannon1-ilb-mq.xxx.com(1480),5=RemoteTCPConnection.protocolConnect]

The server is still using the standard pskey instead of the custom Trust Store that was setup in the Console. Customer has an old multi-server installation on the same server using the same certificates, yet it is able to connect.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.