With ibm-java-jre-8.0-8.15, i am getting different error like below, but queue manger is up and running.,
Could not connect to MQ server located at mq-sit1.nam.nsroot.net
MQJE001: Completion Code ‘2’, Reason ‘2059’. - Queue manager is not available for connection.
With ibm java 8.0.8.0 getting logs with java call stack.
The error 'MQJE001: Completion Code ‘2’, Reason ‘2059’ typically indicates that the queue manager is not available for connection. This could be due to various reasons such as the queue manager being down, network issues, or incorrect connection parameters. However, without more specific information, it’s hard to provide a definitive answer.
Getting “java.lang.NoClassDefFoundError: Could not initialize class com.ibm.mq.MQEnvironment” error while doing a test connection from MQ server form
Received MQ message Exception: MQJE001: Completion Code ‘2’, Reason ‘2033’
Error in MQ Test Connectivity
I can see that you logged support tickets for this issue:
CLOSED:
INC-253586 (MQ server connectivity is failing INC-241716)
At the time our GCS team tried to help you further but they received no response. They requested :
Provide Application server, Mq Server version details and also Java version that application is using?
What are the MQ jars you are using, How you are loading these Mq jars into classpath?
Are you using Jvm argument: -Dcom.ibm.mq.cfg.useIBMCipherMappings? If yes what is the value set?
Set Jvm argument -Djavax.net.debug=ssl,handshake Restart server, capture server logs then respoduce the issue and share the logs with us
INC-257135 (MQ server connectivity is failing with strong ciphers)
Root cause due to infrastructure:
[1/19/23 1:20:39:826 CST] 000000ad SystemOut O 2023-01-19 01:20:39,775 [ WebContainer : 10] [TABTHREAD2] [ Disputes:01.01.09] ( messaging.mq.MQUtils) ERROR gtcrd-pegla03d.nam.nsroot.net|gtcrd-pegla03d.nam.nsroot.net ps53083.dev - Could not connect to MQ server located at mq-sit2.nam.nsroot.net
MQJE001: Completion Code ‘2’, Reason ‘2400’. - Unsupported CipherSuite:
Check the CipherSuite specified by the application.
Check that JSSE is correctly installed.
com.ibm.mq.MQException: MQJE001: Completion Code ‘2’, Reason ‘2400’.
Solution description:
Client should check the JVM JCE files.
**INC-A29760 (**MQ connection issues in Pega 8.8.2)
this issue occurred when DB connection is being made with a user who does not have privileges to query the pr_engineclasses table in the rules schema.
solution was to recheck the privileges to the table that you modifying?
·
OPEN:
INC-A23657 (JMS connectivity is failing after latest cipher update)
GCS checked you java.security files and a week ago contacted you to provide their analysis:
There is a difference in the property “crypto.policy” in working and non-working environment. Can you confirm why there is a difference? Also, can you confirm that the jars present in their jre/lib/security matching in both working and non working environments?
—> Again, GCS is waiting for your response. Please continue to work on the open ticket via the MSP, (not the PSC).
UPDATE 5 FEBURARY:*********
Ticket was closed due to inactivity:
Notes:
In lower environments (DEV, QA etc..) the issue does NOT occur. The pega application is able to connect to the new tibco server (strong ciphers)
Client has confirmed that configuration is identitical, but in PROD we are observing the No appropriate protocol (protocol is disabled or cipher suites are inappropriate) error
Pega Level DEBUG loggers are enabled but are not printing to the logs.
Due to production freeze client is unable to make -Djavax.net.debug JVM level changes to enable SSL debug
Next steps:
We are currently blocked because we need net.debug logs enabled at the JVM level.
Client to speak with manager to enable net.debug in production
We can then compare the logs with the working connectivity in lower environment to identify the fail over
Please contact GCS via MSP ticket to provide server logs with -Djavax.net.debug enabled from both production and lower environment for comparison
@Prashanthks INC-A23657 has been closed temporarily as per your request January 19th:
This was the analysis on February 2nd:.
JMS Listener is unable to connect to new tibco server which contains strong ciphers
Notes:
In lower environments (DEV, QA etc..) the issue does NOT occur. The pega application is able to connect to the new tibco server (strong ciphers)
Client has confirmed that configuration is identiical, but in PROD we are observing the No appropriate protocol (protocol is disabled or cipher suites are inappropriate) error
Pega Level DEBUG loggers are enabled but are not printing to the logs.
Client is unable to make -Djavax.net.debug JVM level changes to enable SSL debug
Next steps:
Client to enabled at the JVM level and provide server logs with -Djavax.net.debug from both production and lower environment for comparison
Update after further investigation:
The Tibco jars were included in the production system by importing them in the standard fashion. They were also included in the WAR deployment, but weren’t picked up from the WAR path because of the fact the jars were loaded to the database.
In lower environments the Tibco jars were only provided in the WAR deployment, and with slightly different Tibco optional jars included.
After deleting the Tibco jars from the production database, clearing the Pega temporary directories and restarting, we were able to point the JVM JDK version to latest java and the JMS connectivity looks good
