APAR status
Closed as program error.
Error description
When HTTP or HTTPS is used as a bridge between two MQIPT routes and the final route to the MQ queue manager is secured with SSL/TLS, the connection fails. In the MQIPT trace, the message "Input stream not available" and "IPTException: closeId=ERROR, closeMsg=, rc=60010" is indicated and the HTTP connection is closed. One or more of the following errors may also appear in the IBM MQ queue manager error logs: 	-AMQ9641: Remote CipherSpec error for channel 	-AMQ9616: The CipherSpec proposed is not enabled on the server. 	-AMQ9633: Bad SSL certificate for channel 	-AMQ9665: SSL connection closed by remote end of channel Queue manager channels show Binding, then retry, will not start.
Local fix
An alternative connection using the MQIPT SSLProxyMode may be used, to SSL encrypt the channel and proxy transfer the encrypted packets over HTTP link between two MQIPT nodes. Both MQIPT routes would be set to SSLProxyMode=true and in addition the first MQIPT route would be set to HTTP=true with HTTPServer/HTTPServerPort set to the url/port of the second MQIPT node. The IBM MQ channel and authentication may be configured in the same was as for a channel without MQIPT in the path.
Problem summary
**************************************************************** USERS AFFECTED: Users of "IBM MQ Internet Pass-Thru" (MQIPT) using HTTP or HTTPS with SSL/TLS channel connection to the IBM MQ server queue manager. Platforms affected: MultiPlatform **************************************************************** PROBLEM DESCRIPTION: An omission in the code path for the SSL connection failed to correctly initialize a worker thread to handle the connection, which caused the the incoming HTTP stream connection to be lost and the channel connection to fail with an SSL error.
Problem conclusion
The MQ IPT code has been changed in the case of HTTP->SSL, in order to correctly initialize the worker thread to handle the connection. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v2.1 2.1.0.3 The latest available maintenance can be obtained from 'WebSphere MQ Recommended Fixes' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006037 If the maintenance level is not yet available information on its planned availability can be found in 'WebSphere MQ Planned Maintenance Release Dates' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006309 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT15598
Reported component name
WMQ BASE MULTIP
Reported component ID
5724H7251
Reported release
800
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-06-06
Closed date
2016-06-30
Last modified date
2016-07-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WMQ BASE MULTIP
Fixed component ID
5724H7251
Applicable component levels
R800 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0.0.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
04 July 2016