【发布时间】:2016-04-21 10:53:54
【问题描述】:
我已将 KeyStore 设置为 *User 以从 Windows 证书存储中获取证书。Mq 客户端应用程序正在尝试使用标签名称查找证书,如客户端 Trace 的日志中所示。我尝试从 client.ini 和代码设置 CertificateLabel,但它没有覆盖该值。
我应该如何改变它?即使我可以覆盖我如何更改我直接导入我的证书存储的证书的标签?
请帮忙
000001B6 12:23:39.868134 4236.8 Created store object to access certificates
000001B7 12:23:39.868134 4236.8 Opened store
000001B8 12:23:39.868134 4236.8 Accessing certificate - **ibmwebspheremq(username)**
How should i change the lable in the certificate store for the existing certificate
And then it throws the below exception
000001B9 12:23:39.868134 4236.8 TLS12 supported - True
000001BA 12:23:39.868134 4236.8 Setting SslProtol as Tls
000001BB 12:23:39.868134 4236.8 Starting SSL Authentication
000001BC 12:23:39.868134 4236.8 ------------{ MQEncryptedSocket.FixClientCertificate(Object,String,X509CertificateCollection,X509Certificate,String[])
000001BD 12:23:39.868134 4236.8 Client callback has been invoked to find client certificate
000001BE 12:23:39.868134 4236.8 ------------} MQEncryptedSocket.FixClientCertificate(Object,String,X509CertificateCollection,X509Certificate,String[]) rc=OK
000001BF 12:23:40.507601 4236.8 System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm
【问题讨论】:
-
您使用的是什么版本的 MQ 客户端?建议你通读这篇博客:ibm.com/developerworks/community/blogs/messaging/entry/…
-
AM 使用 MQ 客户端 8.0。我确实阅读了这篇文章并且正在做同样的事情
-
您是否尝试过设置 MQEnvironment.CertificateLable?
标签: .net ssl ibm-mq mq digital-certificate