DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

DataPower MQ to MQ V9+ Objects migration

  • 1.  DataPower MQ to MQ V9+ Objects migration

    Posted Mon May 05, 2025 08:54 PM

    Hi Team, 

    we are trying to configure MQV9+ Migration in Datapower , after the migration we are facing issue with below error logs in Splunk 

    2024-11-07T14:20:54+11:00,10.17.197.178,err,0x8d200055,[mq][error] source-idg-mq(*******FSH_V9): trans(102643136) gtid(aadd9dd9672c3ddd****): Failed to put message to (A001F0.**.**.**_COMMON03_***.REPLY.UAT), reason: 2142. 

    2025-03-17T18:31:06+11:00,10.17.197.179,err,0x80e00616,[mpgw][error] mpgw(MediationRouter01): trans(74663)[10.17.197.217] gtid(8e43863e67d7cfa6010ff333): Network Error (Connection timed out) on Back interface (URL: idgmq://ESB2_MQQMGroup01/?RequestQueue=A0028E.**.***.***.REQUEST.EUAT;ReplyQueue=GN.**.DP.***.CV.REPLY.EUAT1;SetReplyTo=true;ParseHeaders=off) when processing the server response

     

    2025-03-17T18:31:06+11:00,10.104.176.63,err,E*B2_EU*T1,[0x80e00648][mq][error] mpgw(MediationRouter01): trans(48305346)[10.17.197.217] gtid(8e43863e67d7cfa6010ff333): internal error, IBM MQ Reason Code = 901, IBM MQ URL = idgmq://ESB2_MQQMGroup01/?RequestQueue=A0028E.**.***.GESB.REQUEST.EUAT;ReplyQueue=GN.QA.DP.ESB.CV.REPLY.EUAT1;SetReplyTo=true;ParseHeaders=off 



    We are on 10.6.0.4, we thought the issues will be fixed when we migration from 10.6.0.3

    when we revert back the changes to older MQ ( Deprecated object ) it is working fine.

    anyone faced similar issue ?

    Regards,

    Mahesh



    ------------------------------
    Sri Rama Mahesh Varma Buddaraju
    ------------------------------


  • 2.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted Wed May 14, 2025 12:20 AM

    Hello Mahesh,

    Can you provide Datapower error message here.
    We were also facing issue while connecting to MQ V9+ but it got resolved.
    It would be helpful to suggest something seeing Datapower error message.



    ------------------------------
    Snehal Yadav
    ------------------------------

    Original Message


  • 3.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted Wed May 14, 2025 12:51 AM

    Hi Snehal, 

    the issue is not resolved, we are not using MQV9+ Objects in DataPower yet, below is the error message 

    [0x80e00648][mq][error] mpgw(MediationRouter01): trans(48305346)[10.17.197.217] gtid(8e43863e67d7cfa6010ff333): internal error, IBM MQ Reason Code = 901, IBM MQ URL = idgmq://ESB2_MQQMGroup01/?RequestQueue=A0028E.**.***.GESB.REQUEST.EUAT;ReplyQueue=GN.QA.DP.ESB.CV.REPLY.EUAT1;SetReplyTo=true;ParseHeaders=off 

    Regards,

    Mahesh



    ------------------------------
    Mahesh Varma Buddaraju
    ------------------------------

    Original Message


  • 4.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted Thu May 15, 2025 02:31 AM

    Hello Mahesh,

    your MQ error code 2142 (from 2024-11-07T14:20:54+11:00,10.17.197.178,err,0x8d200055,[mq][error] source-idg-mq(*******FSH_V9): trans(102643136) gtid(aadd9dd9672c3ddd****): Failed to put message to (A001F0.**.**.**_COMMON03_***.REPLY.UAT), reason: 2142.) is perhaps interesting.

    I would not have expected this to happen with a modern queue manager receiving the client request from Datapower.

    Can you check the MQ logs, and also run dspmqver to verify the version of the queue manager that your datapower is connecting to?

    Regards,



    ------------------------------
    Neil Casey
    Senior Consultant
    Syntegrity Solutions
    Melbourne, Victoria
    IBM Champion (Cloud) 2019-22
    ------------------------------

    Original Message


  • 5.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted Thu May 15, 2025 02:39 AM

    Hi Neil, 

    we are on 9.3.0.27 MQ version, when we revert back to old Datapower MQ objects it is working fine as expected.

    Regards, 

    Mahesh



    ------------------------------
    Mahesh Varma Buddaraju
    ------------------------------

    Original Message


  • 6.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted Thu May 15, 2025 02:44 AM

    Did you find anything diagnostic in the MQ logs? If not, I would recommending opening a support case with IBM as something doesn't seem to be working as expected.

    Regards,



    ------------------------------
    Neil Casey
    Senior Consultant
    Syntegrity Solutions
    Melbourne, Victoria
    IBM Champion (Cloud) 2019-22
    ------------------------------

    Original Message


  • 7.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted 30 days ago
    Hi Mahesh,
    Yes we have been experienced the same issue  MQRC 2142 over various firmware versions.   We are working with IBM via case.   no fix/cause from IBM as yet.
    I suggest that you also raise a IBM case .. more examples from more locations will like help then get to root cause/solution quicker I imagine.
    As you say it occurs with MQ9+ but does not occur MQV8 client MQ objects.
    10.6.0.5 is out and addresses various MQ issues :
    DT424936  MQ v9+ handler might continuously consume messages when its admin-state is disabled.
    DT426022  MQ v9+ handler cannot route messages to the specified queue in ObjectName of MQOD.
    DT433392  IBM MQ v9+ queue manager might stop to retry connections when network conditions are unstable
    DT435251  DataPower might restart when cleaning up MQ connections
    We experienced the second issue in 10.6.0.4  :  DT426022.
    regards,
    Stephen


    ------------------------------
    Stephen Jacob
    Senior Analyst Engineer
    NAB
    VIC
    ------------------------------

    Original Message


  • 8.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted 30 days ago

    Hi Stephan Jacob, 

    we have raised a case with IBM but no solution has been provided by the so far, we are on DP Version 10.6.0.4, we will plan to upgrade to 10.6.0.5 and test it.

    I will keep you posted how it goes Stephan, Thanks for your time.

    Regards, 

    Mahesh 



    ------------------------------
    Mahesh Varma Buddaraju
    ------------------------------

    Original Message


  • 9.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted 22 days ago

    Hi All,

    We're currently migrating MQ objects from DataPower V8 to V9 and facing an issue with establishing the MQ Queue Manager connection.
    In V8, we used a user object, but in V9 this has been deprecated and now requires specifying a certificate label for mutual TLS.
    Here's what we've done:
    We uploaded the client certificate (dpmq.ibm.com.cer) into the DataPower cert store.
    Mapped it to a Crypto Certificate object named DP_MQ_TLS.
    In the MQ Queue Manager object, we set the SSL Certificate Label to DP_MQ_TLS.
    However, the Queue Manager remains down, and the MQ logs show:
    AMQ9640: Certificate was not sent by the remote application.
    We suspect that the label provided might not be correctly referencing the private key, especially since the private key is stored in the HSM.
    Question:
    What exactly should be provided as the SSL Certificate Label in this case?
    Should it be the Certificate name(dpmq.ibm.com.cer) or Crypto Certificate object name (DP_MQ_TLS) or the HSM key label?
    Appreciate any guidance or examples on how to properly reference HSM-backed certs in this scenario.


    ------------------------------
    Sampelly Vikram Rao
    ------------------------------

    Original Message


  • 10.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted 20 days ago

    DataPower uses object name regardless of it's storage type. Did you create and attached a TLS client profile with MQ QM in DataPower? What errors do you see in DataPower?



    ------------------------------
    Ajitabh Sharma
    ------------------------------

    Original Message


  • 11.  RE: DataPower MQ to MQ V9+ Objects migration

    Posted 17 days ago
      |   view attached

    Hi Ajitabh,

    Thanks for the response!

    Yes, the TLS client profile already exists and is being referred to by both V8 and V9 QM. The TLS profile contains both validation and identification credentials. Please find the certificate object and TLS details configured in the QM Connections in the attached document. 

    I have noticed below error in DataPower.

    idg-mq-qm: The (Connect) request failed with (2393).



    ------------------------------
    Sampelly Vikram Rao
    ------------------------------

    Attachment(s)

    pdf
    Crypto_Cert.pdf   40 KB 1 version
    Original Message


Related Content