无法通过 python 3 的 pymqi 版本使用 SSL 连接到 public 队列
Can not connect to the public queue using SSL via pymqi version for python 3
我已经成功地使用以下 python 代码与 Python2 的旧 pymqi 版本建立了到 public 队列的连接:
import logging
import pymqi
logging.basicConfig(level=logging.INFO)
queue_manager = 'QM1'
channel = 'BZU.UAT.CHNL'
host = '245.274.46.56'
port = '1416'
queue_name = 'BZU.UAT.QUEUE'
conn_info = '%s(%s)' % (host, port)
ssl_cipher_spec = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
key_repo_location = 'D:\App\BZU\keydb\key'
message = 'Hello from Python!'
cd = pymqi.CD()
cd.ChannelName = channel
cd.ConnectionName = conn_info
cd.ChannelType = pymqi.CMQC.MQCHT_CLNTCONN
cd.TransportType = pymqi.CMQC.MQXPT_TCP
cd.SSLCipherSpec = ssl_cipher_spec
cd.UserIdentifier = 'BZU'
cd.Password = ''
sco = pymqi.SCO()
sco.KeyRepository = key_repo_location
qmgr = pymqi.QueueManager(None)
qmgr.connect_with_options(queue_manager, cd, sco)
put_queue = pymqi.Queue(qmgr, queue_name)
put_queue.put(message)
get_queue = pymqi.Queue(qmgr, queue_name)
logging.info('Here is the message again: [%s]' % get_queue.get())
put_queue.close()
get_queue.close()
qmgr.disconnect()
不幸的是,此代码不适用于 Python 3 的 pymqi 版本 1.9.3。
在这种情况下,我收到以下错误消息:
Traceback (most recent call last):
File ".\mq_conn_with_ssl.py", line 33, in <module>
qmgr.connect_with_options(queue_manager, cd, sco)
File "D:\App\BZU\arn-basis-common\py\pymqi\__init__.py", line 1347, in connect_with_options
raise MQMIError(rv[1], rv[2])
pymqi.MQMIError: MQI Error. Comp: 2, Reason 2393: FAILED: MQRC_SSL_INITIALIZATION_ERROR
我必须将此代码中的所有字符串都转换为字节,因为程序要求所有字符串都为字节。
示例:
queue_manager = b'QM1'
在您的评论中,您发现 AMQERR01.LOG
文件中存在以下错误:
AMQ9716: Remote SSL certificate revocation status check failed for channel 'BZU.UAT.CHNL'.
比较工作服务器和非工作服务器上的 mqclient.ini
文件,了解 SSL:
节中可能导致 OCSP 检查失败的差异。
可以在 IBM MQ 知识中心页面 IBM MQ>Configuring>Configuring connections between the server and clients>Configuring a client using a configuration file>Location of the client configuration file 中找到 mqclient.ini
文件的位置。请参阅下面的摘要:
- The location specified by the environment variable
MQCLNTCF
.
- A file called mqclient.ini in the present working directory of the application.
- A file called mqclient.ini in the IBM MQ data directory for Windows, UNIX and Linux systems.
- A file called mqclient.ini in a standard directory appropriate to the platform, and accessible to users:
有关 mqclient.ini
的 SSL
节的文档可以在 IBM MQ 知识中心页面 IBM MQ>Configuring>Configuring connections between the server and clients>Configuring a client using a configuration file>SSL stanza of the client configuration file 中找到。请参阅下面的摘要:
OCSPAuthentication = OPTIONAL | REQUIRED | WARN
OCSPCheckExtensions = YES | NO
SSLHTTPProxyName = string
我已经成功地使用以下 python 代码与 Python2 的旧 pymqi 版本建立了到 public 队列的连接:
import logging
import pymqi
logging.basicConfig(level=logging.INFO)
queue_manager = 'QM1'
channel = 'BZU.UAT.CHNL'
host = '245.274.46.56'
port = '1416'
queue_name = 'BZU.UAT.QUEUE'
conn_info = '%s(%s)' % (host, port)
ssl_cipher_spec = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
key_repo_location = 'D:\App\BZU\keydb\key'
message = 'Hello from Python!'
cd = pymqi.CD()
cd.ChannelName = channel
cd.ConnectionName = conn_info
cd.ChannelType = pymqi.CMQC.MQCHT_CLNTCONN
cd.TransportType = pymqi.CMQC.MQXPT_TCP
cd.SSLCipherSpec = ssl_cipher_spec
cd.UserIdentifier = 'BZU'
cd.Password = ''
sco = pymqi.SCO()
sco.KeyRepository = key_repo_location
qmgr = pymqi.QueueManager(None)
qmgr.connect_with_options(queue_manager, cd, sco)
put_queue = pymqi.Queue(qmgr, queue_name)
put_queue.put(message)
get_queue = pymqi.Queue(qmgr, queue_name)
logging.info('Here is the message again: [%s]' % get_queue.get())
put_queue.close()
get_queue.close()
qmgr.disconnect()
不幸的是,此代码不适用于 Python 3 的 pymqi 版本 1.9.3。 在这种情况下,我收到以下错误消息:
Traceback (most recent call last):
File ".\mq_conn_with_ssl.py", line 33, in <module>
qmgr.connect_with_options(queue_manager, cd, sco)
File "D:\App\BZU\arn-basis-common\py\pymqi\__init__.py", line 1347, in connect_with_options
raise MQMIError(rv[1], rv[2])
pymqi.MQMIError: MQI Error. Comp: 2, Reason 2393: FAILED: MQRC_SSL_INITIALIZATION_ERROR
我必须将此代码中的所有字符串都转换为字节,因为程序要求所有字符串都为字节。 示例:
queue_manager = b'QM1'
在您的评论中,您发现 AMQERR01.LOG
文件中存在以下错误:
AMQ9716: Remote SSL certificate revocation status check failed for channel 'BZU.UAT.CHNL'.
比较工作服务器和非工作服务器上的 mqclient.ini
文件,了解 SSL:
节中可能导致 OCSP 检查失败的差异。
可以在 IBM MQ 知识中心页面 IBM MQ>Configuring>Configuring connections between the server and clients>Configuring a client using a configuration file>Location of the client configuration file 中找到 mqclient.ini
文件的位置。请参阅下面的摘要:
- The location specified by the environment variable
MQCLNTCF
.- A file called mqclient.ini in the present working directory of the application.
- A file called mqclient.ini in the IBM MQ data directory for Windows, UNIX and Linux systems.
- A file called mqclient.ini in a standard directory appropriate to the platform, and accessible to users:
有关 mqclient.ini
的 SSL
节的文档可以在 IBM MQ 知识中心页面 IBM MQ>Configuring>Configuring connections between the server and clients>Configuring a client using a configuration file>SSL stanza of the client configuration file 中找到。请参阅下面的摘要:
OCSPAuthentication = OPTIONAL | REQUIRED | WARN
OCSPCheckExtensions = YES | NO
SSLHTTPProxyName = string