Hi,
I have 2 queue managers in 2 different Openshift clusters. I want to connect both QMs via SSL.
Today, it is possible to access both queue managers externally to Openshift via Load Balancer IP (MetalLB) using port 1414.
- QM1 has the certs and the CA authority of QM1 and QM2. -> qm1-server(1414)
- QM2 has the certs and the CA authority of QM2 and QM1 -> qm2-server(1414)
I define a Sender channel "REMOTE" and a reciever called "REMOTE" without SSL and connection works,
1 : DISPLAY CHANNEL(REMOTE) (QM2)
AMQ8414I: Display Channel details.
CHANNEL(REMOTE) CHLTYPE(RCVR)
MCAUSER( ) MONCHL(QMGR)
1 : DISPLAY CHANNEL(REMOTE) QM1 (SENDER
AMQ8414I: Display Channel details.
CHANNEL(REMOTE) CHLTYPE(SDR)
COMPMSG(NONE) CONNAME(qm2-server(1414))
Now i want to connect both 2 queue managers, so i enabled SSL in the sender/reciever. and fails (i guess it makes sense as 1414 is not a ssl port?)
"
025-02-13T18:44:55.129Z AMQ9638E: SSL communications error for channel 'REMOTE'. [ArithInsert1(406), CommentInsert1(REMOTE), CommentInsert2(gsk_secure_soc_init)]
2025-02-13T18:44:55.129Z AMQ9999E: Channel 'REMOTE' to host 'tqm2-server(1414)' ended abnormally. [CommentInsert1(REMOTE), CommentInsert2(93258), CommentInsert3(qm2-server(1414))]"
My questions are:
can i use hostname (load balancer name) to connect both queue managers via channel with SSL?
I guess my second choice is to use a route, but i dont understand this settings IBM WebSphere MQ: How does MQ provide multiple certificates (CERTLABL) capability
As my base route is something like *.apps.server2.domain.com.
how do i need to configure an SNI to access to Channel: REMOTE, Queue manager: QM2?
should be something like remote.qm2.chl.ibm.com ?? what this domain means?
thanks in advance!
------------------------------
Andres Colodrero
------------------------------