Join / Log in
It is not completely clear from your description exactly what your setup is. It sounds like you have MQ Clients -> Load Balancer -> Queue Manager. However, you mention testing the connection using curl which would not be able to successfully connect to a queue manager since the queue manager doesn't use HTTP. Are you running the MQ Web Server in front of the queue manager for connecting HTTP clients to perhaps? If not, could you expand on your set up so we can understand the problem properly.
If you connect an HTTP connection to a queue manager listener, you will get "Invalid Data". What you describe sounds like you get "Invalid data" whether using SSL or not, only first the SSL handshake completes, which is to be expected. There is nothing MQ specific about the SSL Handshake.
If your MQ Client is using SSL, the MQ Svrconn on the queue manager will also expect SSL.
How is the load balancer breaking the connection between clients and queue manager - this is not explained either.
Hopefully if we can understand your setup better, we can help you solve the problem.
Thanks for the response.Will try to explain my set up in more detailed way. Currently I have IBM MQ v9.1.5 installed on Linux serverI have couple of partners who will need to send us messages (MQ server to MQ server.) Due to our security policy, I cant let partners connect straight to our MQ server. So MQ Server sits behind Load balancer, where SSL is enabled and have wildcard certificate. From LB, connection is directed to MQ server.I was testing the connection with "TEST QMGR", which is installed to the same instance. I've added our LB DNS to test channel CONNAME but unable to get the connection up.FYI, with nc and telnet, I am able to connect to instance through LB. Logs are showing that the connection reached the instance.Is it even possible, where client will connect straight from server to our Load balancer, where SSL is enabled?Thanks
So this is not MQClient -> Load Balancer -> Queue Manager
It is Partner Queue Manager -> Load Balancer -> Queue Manager - is that correct?
One thing to be very careful of here is to ensure that your "Load Balancer" does not do any actual load balancing! The channel from queue manager to queue manager must always go to the correct queue manager.
You haven't said what this load balancer is, nor how it breaks the connection between your partners and your own queue manager to meet your security requirement. Clearly it is a very important part of the picture. You say when you test without the load balancer it works fine, but with the load balancer in the picture you get "Invalid data". What kind of invalid data? (The FDC will show the data)? Is the load balancer not passing on the connection data exactly as is?