Problems creating Queuemanager using a channel configured for SSL - Websphere

This is a discussion on Problems creating Queuemanager using a channel configured for SSL - Websphere ; I followed the instructions in the MQ Security manual to set this up - http://publibfp.boulder.ibm.com/epubs/pdf/csqzas03.pdf When I try to create the Queuemanager using a channel configured for SSL I get the following error: The public key in the issuer's certificate ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Problems creating Queuemanager using a channel configured for SSL

  1. Problems creating Queuemanager using a channel configured for SSL

    I followed the instructions in the MQ Security manual to set this up - http://publibfp.boulder.ibm.com/epubs/pdf/csqzas03.pdf

    When I try to create the Queuemanager using a channel configured for SSL I get the following error:

    The public key in the issuer's certificate has failed to validate the subject certificate.

    The public key in the issuer's certificate (CA or signer certificate), is used to verify the signature on the subject certificate assigned to channel SampleChannel. This verification has failed, and the subject certificate therefore cannot be used. The WebSphere MQ error recording routine has been called.

    Check that the issuer's certificate is valid and available, and that it is up to date. Verify with the certificate's issuer that the subject certificate and issuer certificate should still be valid. If the problem cannot be resolved then use the standard facilities supplied with your system to record the problem identifier and save the generated output files, and then contact your IBM support center. Do not discard these files until the problem has been resolved.


    Would anyone have the resolution to this problem.

  2. Re: Problems creating Queuemanager using a channel configured forSSL

    networkservices@singularity.co.uk wrote:
    > I followed the instructions in the MQ Security manual to set this up -
    > http://publibfp.boulder.ibm.com/epubs/pdf/csqzas03.pdf
    >
    > When I try to create the Queuemanager using a channel configured for SSL I
    > get the following error:
    >
    > The public key in the issuer's certificate has failed to validate the subject
    > certificate.


    > Would anyone have the resolution to this problem.


    Well, the obvious questions are:

    1) Has your issuer certificate expired?
    [Should be no]
    2) Has your server certificate expired?
    [Should be no]
    3) Has your server certificate been signed by your issuer certificate?
    [Should be yes]
    4) Does your client have access to the public part of your issuer certificate?
    [Should be yes]
    5) Does your client trust your issuer certificate?
    [Should be yes]

    If your answers aren't as outlined above, change things until they are.

    Hope this helps,

    Phil
    --
    XMS Client Development

+ Reply to Thread