• 日期: 2026-01-29
  • 标签: 常规

很抱歉,我之前提供的代码示例中的'MQEnvironment.sslCertStore'是我错误地使用了一个不存在的属性。

对于IBM MQ的Java客户端,您可以使用'MQEnvironment.sslCipherSuite'和'MQEnvironment.sslSocketFactory'来设置SSL/TLS认证所需的参数。

下面是修正后的示例代码:

import com.ibm.mq.MQException;
import com.ibm.mq.MQQueueManager;
import com.ibm.mq.constants.CMQC;
import com.ibm.mq.constants.MQConstants;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.FileInputStream;
import java.security.KeyStore;

public class IBMMQCertificationExample {
    public static void main(String[] args) {
        String queueManagerName = "QMGR_NAME";
        String channelName = "CHANNEL_NAME";
        String hostName = "HOST_NAME";
        int port = 1414;

        String keystoreLocation = "JKS_FILE_PATH";
        String keystorePassword = "JKS_PASSWORD";

        MQQueueManager queueManager = null;

        try {
            MQEnvironment.hostname = hostName;
            MQEnvironment.port = port;
            MQEnvironment.channel = channelName;
            MQEnvironment.properties.put(MQConstants.TRANSPORT_PROPERTY, MQConstants.TRANSPORT_MQSERIES_CLIENT);

            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(new FileInputStream(keystoreLocation), keystorePassword.toCharArray());

            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, keystorePassword.toCharArray());

            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);

            SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

            MQEnvironment.sslSocketFactory = sslContext.getSocketFactory();

            queueManager = new MQQueueManager(queueManagerName);
            System.out.println("Connected to IBM MQ queue manager: " + queueManagerName);
        } catch (Exception e) {
            System.err.println("Error occurred: " + e.getMessage());
        } finally {
            if (queueManager != null) {
                try {
                    queueManager.disconnect();
                    System.out.println("Disconnected from IBM MQ queue manager");
                } catch (MQException e) {
                    System.err.println("Error occurred while disconnecting from queue manager: " + e.getMessage());
                }
            }
        }
    }
}

请确保在运行代码之前已经正确安装了IBM MQ Java客户端,并将其添加到类路径中。

同样,在代码中,需要替换以下变量的值:

  • QMGR_NAME:IBM MQ队列管理器的名称
  • CHANNEL_NAME:IBM MQ通道的名称
  • HOST_NAME:IBM MQ服务器的主机名
  • JKS_FILE_PATH:JKS证书库文件的路径
  • JKS_PASSWORD:JKS证书库的密码

这个修正后的示例代码将连接到指定的IBM MQ队列管理器,并使用提供的JKS证书来进行SSL/TLS认证。如果连接成功,将打印出连接成功的消息,并在最后断开与队列管理器的连接。如果发生任何错误,将打印出相应的错误消息。

IBM MQ Java 客户端 SSL/TLS 认证示例代码

原文地址: https://www.cveoy.top/t/topic/yBo 著作权归作者所有。请勿转载和采集!

免费AI点我,无需注册和登录