Below Code is just working fine with IBMMQ 8.0 DLL and server when I switch to 7.5 (both DLL and server) it is giving me this error using same certificate
The SSL key repository cannot be used because MQ cannot obtain a
password to access it. Reasons giving rise to this error include: &B
(a) the key database file and password stash file are not present in
the location configured for the key repository, &B (b) the key
database file exists in the correct place but that no password stash
file has been created for it, &B (c) the files are present in the
correct place but the userid under
public void test() {
Environment.SetEnvironmentVariable("MQCCSID", "437");
MQQueueManager mQQueueManager = null;
MQQueue mQQueue = null;
Hashtable hashTable = null;
try {
hashTable = new Hashtable();
// Setup properties for connection
hashTable.Add(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_MANAGED);
hashTable.Add(MQC.HOST_NAME_PROPERTY, "IP");
hashTable.Add(MQC.PORT_PROPERTY, 1414);
hashTable.Add(MQC.CHANNEL_PROPERTY, "Channel");
hashTable.Add(MQC.PASSWORD_PROPERTY, "123");
hashTable.Add(MQC.USER_ID_PROPERTY, "user");
mQQueueManager = new MQQueueManager("QueueName", hashTable);
// Open queue for browsing
mQQueue = mQQueueManager.AccessQueue("que", MQC.MQOO_BROWSE | MQC.MQOO_FAIL_IF_QUIESCING);
ListOfMessages = new List < MQMessageDto > ();
// In a loop browse all messages till we reach end of queue
while (true) {
try {
// Need to create objects everytime
var mQMessage = new MQMessage();
var mQGetMessageOptions = new MQGetMessageOptions {
// Use browse next option to start browsing
Options = MQC.MQGMO_BROWSE_NEXT
};
mQQueue.Get(mQMessage, mQGetMessageOptions);
ListOfMessages.Add(new MQMessageDto() {
Id = ListOfMessages.Count + 1,
Message = Encoding.UTF8.GetString(mQMessage.ReadBytes(mQMessage.MessageLength))
});
} catch (MQException mqex) {
if (ListOfMessages.Count == 0) {
MessageBox.Show("There is no messages in MQ");
}
mQQueue.Close();
break;
}
}
mQQueueManager.Disconnect();
grdMessages.DataSource = ListOfMessages;
grdMessages.Columns["Id"].Width = (int)(grdMessages.Width * 0.1);
grdMessages.Columns["Message"].Width = (int)(grdMessages.Width * 0.8);
} catch (Exception ex) {
MessageBox.Show(ex.Message);
}
}
What are you describing means you have wrong configuration at IBM side, and Since you are using IBM MQ 7.5. I think you got the path for the SSL key repository wrong, it should point to the key name not the folder.
Also make sure that you have selected Optional from SSL tab inside your Channel.
For more details.. More details about this issue can be found here about error this error code:
2538 error on MQ for SSL channel connection
You didn't mention which specific level of 7.5 you are using. If it is 7.5.0.7 or earlier, the stash file will likely be the problem:
https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_9.1.0/com.ibm.mq.mig.doc/q128820_.htm
Older versions of the cryptographic provider used by MQ (GSKit) use a different stash file format for the keystore password.
While newer GSKit versions can handle the old stash file format, the new format is not readable by older GSKit versions. If you are using a level which uses the new format, you can create a backwards-compatible stash file with the -v1stash option:
runmqakm -keydb -stashpw -db <filename> -pw <password> -v1stash
A better alternative, as MQ 7.5 is out of support, would be to use a newer client level, which can still communicate with a 7.5 queue manager if required.
For reference, the first GSKit level which uses the new stash file format is 8.0.50.69. Levels of GSKit bundled with MQ are listed here: https://www.ibm.com/support/pages/levels-jre-and-gskit-bundled-ibm-mq
Regarding:
When I upgraded my client to V9 I'm getting "MQRC_Q_MGR_NOT_AVAILABLE" on client and "4/23/2020 21:03:22 - Process(11764.64) User() Program(amqrmppa.exe) Host(HOST) Installation(Installation1) VRMF(7.5.0.2) QMgr() Remote channel '' did not specify a CipherSpec. Remote channel '' did not specify a CipherSpec when the local channel expected one to be specified. &P The remote host is '...* (...)'. &P The channel did not start. Change the remote channel '' on host ()' to specify a CipherSpec so that both ends of the channel have matching CipherSpecs." in server
display the cipher spec being used dis chl(xxx) SSLCIPH
You may have specified something which is no longer supported by the underlying TLS support.
dis chl(xxx)
Related
I wrote a console app on .NET, to read without consuming the messages from an IBM MQ queue.
Worked perfect.
Now, I need to migrate that app into .NET Core. Can't figure out why it is extremely slow.
How it works:
target framework .NET Core 3.1
IBMMQDotNetClient NuGet package installed
created a helper class, static, with a static constructor where I initialise MQEnvironment properties like so:
MQEnvironment.CertificateLabel = "ibmwebsphere"; // this is the friendlyname on mmc certificate
MQEnvironment.SSLKeyRepository = "*SYSTEM";
added a method called Init where I initialise connection to MQManager like so:
Hashtable properties = new Hashtable();
properties.Add(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_MANAGED);
properties.Add(MQC.HOST_NAME_PROPERTY, hostName); // I read the hostName from a config file
properties.Add(MQC.PORT_PROPERTY, port); // I read the port from a config file
properties.Add(MQC.CHANNEL_PROPERTY, channelName); // I read the channel from a config file
properties.Add(MQC.SSL_CIPHER_SPEC_PROPERTY, cipherSpec); // I read the cipher spec from a config file, it's something like TLS_RSA_WITH_AES_256_CBC_SHA256
Then, I'm going to create a connection to the queue manager using the connection, and read messages one by one until coming to end of the queue.
var queueManager = new MQQueueManager(qm, properties); // I read the qm from a config file
var queue = queueManager.AccessQueue(queueName, MQC.MQOO_BROWSE + MQC.MQOO_FAIL_IF_QUIESCING); // I read the queueName from a config file
var mqGMO = new MQGetMessageOptions();
mqGMO.Options = MQC.MQGMO_FAIL_IF_QUIESCING + MQC.MQGMO_NO_WAIT + MQC.MQGMO_BROWSE_NEXT; mqGMO.MatchOptions = MQC.MQMO_NONE;
try {
while (true) {
MQMessage queueMessage = new MQMessage();
queue.Get(queueMessage, mqGMO); // code gets apparently stuck on this line,
// overprocessing, for many minutes until it gets to the next line,
// even though I mentioned "NO_WAIT" in the options.
// Note this only happens for .NET Core, but not in .NET framework.
var message = queueMessage.ReadString(queueMessage.MessageLength);
string fileName = message.Substring(0,3); // some processing here to extract some info from each message
}
}
catch(MQException ex)
{
if(err.ReasonCode.CompareTo(MQC.MQRC_NO_MSG_AVAILABLE) == 0)
{
// harmless exception to indicate there are no messages on the queue
}
}
catch(Exception ex)
{
Console.WriteLine(ex);
}
Of course it would be preferable to use a listener, not sure how to do that yet, it would be part of optimising, but for now - why is working so slow on line:
queue.Get(queueMessage, mqGMO); // but, again, as mentioned, only with the amqmdnetstd.dll (.NET Core), because if I use amqmdnet.dll (.NET framework), it works super fast, and it's supposed to be the other way around.
I do need to use .NET Standard/Core because I will run this in Linux, currently testing in Windows.
Don't use the MQEnvironment class as it is not threaded safe. Also, don't mix and match between MQEnvironment class and using MQ HashTable. Put your SSL/TLS information as a property in the MQ HashTable.
i.e.
properties.Add(MQC.SSL_PEER_NAME_PROPERTY, "ibmwebsphere");
properties.Add(MQC.SSL_CERT_STORE_PROPERTY, "*SYSTEM");
There isn't enough of your code to test to see why it might be failing.
I wrote and posted a blog item called: IBM MQ For .NET Core Primer. In the blog post, I included a fully functioning C# MQ example (MQTest62L.cs) that was built and run using .NET Core v3.1 and everything worked perfectly (see very bottom of post). Hence, I would suggest you follow my instructions, download, compile and run MQTest62L.cs to see if the issue is your code or MQ Client library.
Note: I was using Windows 10 Pro, IBM MQ v9.2.0.0 and .NET Core v3.1.415.
I am trying to automatically create an SSH connection for a program that uses an SSH tunnel to update a local database from a remote PostgreSQL server. Up to this time, I have been manually opening a tunnel with PuTTY (including local port forwarding instructions with the -L command). I want to use ssh.net to automatically open the port when the program is run. Once the connection is made, the program uses Entity Framework Core to access the remote database.
When I open the SSH connection with PuTTY, the program runs fine. This is the PuTTY command:
//plink.exe -i "C:\Users\user.name\Desktop\host_private_key.ppk" -L 6544:111.22.33.66:6543 -N user#address.io -pw *PASSWORD*"
(login details removed for privacy)
This is the ssh.net code that I have trying to open the same connection:
public void MakeSSHTunnel()
{
string password = "password";
// path of RSA private key in openSSH format:
string privateKeyPath = "C:/Users/user.name/.ssh/id_rsa";
try
{
// creates variable to transmit RSA private key + passphrase to server via SSH.NET, openSSH compatible.
var privateKeyFile = new PrivateKeyFile(privateKeyPath, password);
string serverAddress = "address.io";
string user = "user";
// allows for the remote port forwarding options required by the server
using (var client = new SshClient(serverAddress, user, privateKeyFile))
{
client.Connect();
var tunnel = new ForwardedPortLocal(6544, "111.22.33.66", 6543);
client.AddForwardedPort(tunnel);
// testing weather the connection has been successful:
if (client.IsConnected)
{
Console.WriteLine("OPENTUNNEL.CS: Connection to {0} successful.", serverAddress);
state = "Open";
}
else
{
Console.WriteLine("Connection to {0} failed.");
state = "Closed";
}
tunnel.Exception += delegate (object sender, ExceptionEventArgs e)
{
Console.WriteLine(e.Exception.ToString());
};
tunnel.Start();
Program.RunBackup();
// ... closes the port ... //
tunnel.Stop();
client.Disconnect();
}
}
catch (UnauthorizedAccessException e)
{
Console.WriteLine(e);
}
}
I am confused since in the above, the if (client.IsConnected) returns true.
The error seems to be occurring when the Entity Framework Core OnConfiguring() method passes details of the connection with its optionsBuilder:
optionsBuilder.UseNpgsql($"Host=127.0.0.1;Port=6544;Database=user;Username=user;Password=databasePassworh;CommandTimeout=300;Timeout=300;SSL Mode=Require;Trust Server Certificate=true;Convert Infinity DateTime=true");
The errors that are arising are:
NpgsqlException: Exception while connecting
and:
ExtendedSocketException: No connection could be made because the target machine actively refused it. 127.0.0.1:6544
I have double checked all passwords, and read through all the SSH.NET documentation and code examples, and left all the previously working (via PuTTY) code untouched.
If anyone can see what I'm doing wrong, I would be grateful. C#, SSH.NET and port forwarding are new to me, please tell me where I'm being an idiot.
This code is now working. I believe the problem was that in line:
var tunnel = new ForwardedPortLocal(6544, "111.22.33.66", 6543);
the 'bound port' did not include an address. I had seen examples where this was undefined, and had followed these. On stepping through the code, I noticed that the field was blank, and decided to try 127.0.0.1. This is now successfully connecting to the database. It works with:
var tunnel = new ForwardedPortLocal("127.0.0.1", 6544, "111.22.33.66", 6543);
Thanks for looking into this and for your contributions.
I have an application that is required to put a very simple message to a remote Queue.
The Queue used is provided by a 3rd party and its an IBM WebSphere MQ (Version 7.5).
I tried to use amqmdnet.dll with the example code below but I understood there should be an MQ Client installed on my server to do this.
So my question:
Is there any way to put a message in a queue without all these requirements? like a simple REST or SOAP client ?
I am open to use different languages to implement such a component i just don't want to install a 3rd party application on the server (its a hosting environment)
// ===========================================================================
// Licensed Materials - Property of IBM
// 5724-H72
// (c) Copyright IBM Corp. 2003, 2005
// ===========================================================================
using System;
using System.Collections;
using IBM.WMQ;
class MQSample
{
// The type of connection to use, this can be:-
// MQC.TRANSPORT_MQSERIES_BINDINGS for a server connection.
// MQC.TRANSPORT_MQSERIES_CLIENT for a non-XA client connection
// MQC.TRANSPORT_MQSERIES_XACLIENT for an XA client connection
// MQC.TRANSPORT_MQSERIES_MANAGED for a managed client connection
const String connectionType = MQC.TRANSPORT_MQSERIES_CLIENT;
// Define the name of the queue manager to use (applies to all connections)
const String qManager = "your_Q_manager";
// Define the name of your host connection (applies to client connections only)
const String hostName = "your_hostname";
// Define the name of the channel to use (applies to client connections only)
const String channel = "your_channelname";
/// <summary>
/// Initialise the connection properties for the connection type requested
/// </summary>
/// <param name="connectionType">One of the MQC.TRANSPORT_MQSERIES_ values</param>
static Hashtable init(String connectionType)
{
Hashtable connectionProperties = new Hashtable();
// Add the connection type
connectionProperties.Add(MQC.TRANSPORT_PROPERTY, connectionType);
// Set up the rest of the connection properties, based on the
// connection type requested
switch(connectionType)
{
case MQC.TRANSPORT_MQSERIES_BINDINGS:
break;
case MQC.TRANSPORT_MQSERIES_CLIENT:
case MQC.TRANSPORT_MQSERIES_XACLIENT:
case MQC.TRANSPORT_MQSERIES_MANAGED:
connectionProperties.Add(MQC.HOST_NAME_PROPERTY, hostName);
connectionProperties.Add(MQC.CHANNEL_PROPERTY, channel);
break;
}
return connectionProperties;
}
/// <summary>
/// The main entry point for the application.
/// </summary>
[STAThread]
static int Main(string[] args)
{
try
{
Hashtable connectionProperties = init(connectionType);
// Create a connection to the queue manager using the connection
// properties just defined
MQQueueManager qMgr = new MQQueueManager(qManager, connectionProperties);
// Set up the options on the queue we want to open
int openOptions = MQC.MQOO_INPUT_AS_Q_DEF | MQC.MQOO_OUTPUT;
// Now specify the queue that we want to open,and the open options
MQQueue system_default_local_queue =
qMgr.AccessQueue("SYSTEM.DEFAULT.LOCAL.QUEUE", openOptions);
// Define a WebSphere MQ message, writing some text in UTF format
MQMessage hello_world = new MQMessage();
hello_world.WriteUTF("Hello World!");
// Specify the message options
MQPutMessageOptions pmo = new MQPutMessageOptions(); // accept the defaults,
// same as MQPMO_DEFAULT
// Put the message on the queue
system_default_local_queue.Put(hello_world, pmo);
// Get the message back again
// First define a WebSphere MQ message buffer to receive the message
MQMessage retrievedMessage =new MQMessage();
retrievedMessage.MessageId =hello_world.MessageId;
// Set the get message options
MQGetMessageOptions gmo =new MQGetMessageOptions(); //accept the defaults
//same as MQGMO_DEFAULT
// Get the message off the queue
system_default_local_queue.Get(retrievedMessage,gmo);
// Prove we have the message by displaying the UTF message text
String msgText = retrievedMessage.ReadUTF();
Console.WriteLine("The message is: {0}", msgText);
// Close the queue
system_default_local_queue.Close();
// Disconnect from the queue manager
qMgr.Disconnect();
}
//If an error has occurred in the above,try to identify what went wrong.
//Was it a WebSphere MQ error?
catch (MQException ex)
{
Console.WriteLine("A WebSphere MQ error occurred: {0}", ex.ToString());
}
catch (System.Exception ex)
{
Console.WriteLine("A System error occurred: {0}", ex.ToString());
}
return 0;
}//end of start
}//end of sample
Instead of picking MQC.TRANSPORT_MQSERIES_CLIENT which would cause the amqmdnet.dll to function in unmanaged mode and rely on other non-.NET dlls, you can select MQC.TRANSPORT_MQSERIES_MANAGED to cause it to function in managed mode which means it does not require any other dlls to function.
At MQ v7.5 even in managed mode you can not use the amqmdnet.dll by itself, at that version IBM did not support this configuration. At IBM MQ v8 and later IBM does support using the amqmdnet.dll by itself. You can download the the MQ v8 or MQ v9 redistributable client from one of the links below. Just find the amqmdnet.dll from the zip file and use it.
MQ is fully backward compatible, it should not be an issue for you to connect to a MQ 7.5 queue manager from a higher version client. Also note that MQ v7.5 goes out of support on April 30th 2018, to keep support from IBM the 3rd party will need to either upgrade or pay extra money for extended support.
IBM MQ v8.0 Client
IBM MQ v9.0 Client
This is the situation. I have a Windows machine and a Linux machine. There is a shared drive between these two machines (which is mapped to Q:). I am trying to figure out how to create an SSH session at the Q: drive (shared drive) from C#. I am trying to use the SharpSsh library to do this.
This is what I have so far, however, it is giving me an error:
try
{
ssh = new SshStream(host, username, password);
Console.WriteLine("OK ({0}/{1})", ssh.Cipher, ssh.Mac);
Console.WriteLine("Server version={0}, Client version={1}", ssh.ServerVersion, ssh.ClientVersion);
Console.WriteLine("-Use the 'exit' command to disconnect.");
Console.WriteLine();
//Sets the end of response character
ssh.Prompt = "#";
//Remove terminal emulation characters
ssh.RemoveTerminalEmulationCharacters = true;
//Reads the initial response from the SSH stream
Console.Write(ssh.ReadResponse()); // Blocking here
while (true)
{
string command = Console.ReadLine();
if (command.ToLower().Equals("exit"))
break;
//Write command to the SSH stream
ssh.Write(command);
//Read response from the SSH stream
Console.Write(ssh.ReadResponse());
}
}
catch(Exception e)
{
Console.WriteLine(e.Message);
}
if(ssh != null)
{
ssh.Close();
}
I have added the Tamir.SharpSSH.dll as a reference to the project, and I am using it in the project. There are two other dll's that are included with SharpSSH, do I need to add them as well to the references? The examples I have seen only have the Tamir.SharpSSH.dll as a reference.
I am not sure how to initiate the connection in the correct location, and how to submit commands properly to the ssh.
UPDATE
I realized I needed to close the SSH connection before ending the program. The error does not exist anymore, however, I am still not getting any information from my "ls" command.
UPDATE
I updated the code with what I have now. It seems like the ssh.ReadResponse() is blocking, which leads me to believe the server is not responding. Is that correct?
I'm creating an application for Minecraft Classic to send "Heartbeats" to an external website and my application wants to send IPv6 heartbeats rather than IPv4 heartbeats if both IPv6 and IPv4 are present on the system.
Here's what I've tried (through looking through Google search):
Ipv6Element DisableIPv6 = null;
DisableIPv6.enabled = false;
The issue here is that when I add the System.Net.Configuration import, my other portions of code from a .dll won't work anymore because I've attempted to use this method of disabling IPv6.
Here's an example of the .cs file where the heartbeat is sent to the external website (Either Minecraft.net or ClassiCube.net. Since Minecraft.net only supports IPv4 for its Classic servers, the software works fine, but since ClassiCube accepts both 4 and 6, if the machine the server is running has both, it will only take 6, but my software doesn't support IPv6 yet. The .cs file is here. (the Pastebin link expires in 2 weeks)
I've been trying to disable IPv6 if this is the case, but now that I realize that IPv6 will someday replace IPv4, I know I need to support IPv6 now before it is too late
I want to be able to support IPv6 in the application. How can I fix my code to support both IPv4 and 6?
Disclaimer
This code, in fact, is Visual C#, not java. The software has been created in Visual Studio 2013. This program is used to host Minecraft Classic Servers, (Not Premium). Many people don't believe the program was writen in C#, but I'm going to state that now so there is no confusion down the road.
Under the salt initialization:
// Dns lookup, to make sure that IPv4 is preferred for heartbeats
static readonly Dictionary<string, IPAddress> TargetAddresses = new Dictionary<string, IPAddress>();
static DateTime nextDnsLookup = DateTime.MinValue;
static readonly TimeSpan DnsRefreshInterval = TimeSpan.FromMinutes(30);
static IPAddress RefreshTargetAddress([NotNull] Uri requestUri)
{
if (requestUri == null) throw new ArgumentNullException("requestUri");
string hostName = requestUri.Host.ToLowerInvariant();
IPAddress targetAddress;
if (!TargetAddresses.TryGetValue(hostName, out targetAddress) || DateTime.UtcNow >= nextDnsLookup)
{
try
{
// Perform a DNS lookup on given host. Throws SocketException if no host found.
IPAddress[] allAddresses = Dns.GetHostAddresses(requestUri.Host);
// Find a suitable IPv4 address. Throws InvalidOperationException if none found.
targetAddress = allAddresses.First(ip => ip.AddressFamily == AddressFamily.InterNetwork);
}
catch (SocketException ex)
{
Logger.Log(LogType.Error,
"Heartbeat.RefreshTargetAddress: Error looking up heartbeat server URLs: {0}",
ex);
}
catch (InvalidOperationException)
{
Logger.Log(LogType.Warning,
"Heartbeat.RefreshTargetAddress: {0} does not have an IPv4 address!", requestUri.Host);
}
TargetAddresses[hostName] = targetAddress;
nextDnsLookup = DateTime.UtcNow + DnsRefreshInterval;
}
return targetAddress;
}
And then, within static HttpWebRequest CreateRequest, under request.UserAgent, insert
if (uri.Scheme == "http")
{
request.Proxy = new WebProxy("http://" + RefreshTargetAddress(uri) + ":" + uri.Port);
}
That should work, I have no way of testing it. Hopefully you or someone else has ipv6 so they can test. All of this code was basically taken from fCraft by the way, all credit to them. http://www.fcraft.net