IB M M Q wi t h

W EBLOGIC u si n g S SL
c o n n e c tivity
R22
 IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Amendement History:

Revisio
Date Amended Name Description
n
1 20th October 2019 M. Siranjeevi Content Prepared
2 20th October 2019 Ram Content Reviewed
3 24th March 2020 Immanuel KJ R20 AMR Review
4 12th April 2021 Halith MY R21 AMR Review
5 25th March 2022 Dhanya J R22 AMR Review

Page 2
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Copyri g h t
Copyright © Temenos Headquarters SA 2009-2022.
All rights reserved.
This document contains proprietary information that is protected by copyright. No part of this document may
be reproduced, transmitted, or made available directly or indirectly to a third party without the express
written agreement of TEMENOS UK Limited. Receipt of this material directly TEMENOS UK Limited
constitutes its express permission to copy. Permission to use or copy this document expressly excludes
modifying it for any purpose, or using it to create a derivative therefrom.

Errat a and Com m e n t s

If you have any comments regarding this manual or wish to report any errors in the
documentation, please document them and send them to the address below:
Technology Department

Temenos Headquarters SA
2 Rue de l’Ecole-de-Chimie,
CH - 1205 Geneva,
Switzerland

Tel SB: +41 (0) 22 708 1150

Fax: +41 (0) 22 708 1160

Please include your name, company, address, and telephone and fax numbers, and email
address if applicable. TAFJdev@temenos.com

Page 3
 IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Table of Contents
Copyright................................................................................................................................................ 3
Errata and Comments............................................................................................................................ 3
Creation of queues manager and queue................................................................................................5
Queue creation.................................................................................................................... 8
Binding the Queues.............................................................................................................................. 10
Creating Keystore and Truststore......................................................................................................... 12
Setup at Websphere MQ level.............................................................................................................. 14
Setup at Weblogic level........................................................................................................................ 17
Creating a Foreign JMS server............................................................................................................. 19
Creating Connection Factory................................................................................................................ 27
Limitations with IBM MQ:...................................................................................................................... 30

Page 4
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Creat i o n of qu e u e s ma n a g e r and qu e u e
Queu e man a g e r crea tio n
Start Websphere MQ manager and you will see the home page as given below,

Queue Managers > New > Queue Manager

Name the queue manager as "T24MQ" and then click "Next"

Page 5
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Click "Next"

"Select type of queue manager startup" as Automatic

Make sure the option "Create listener configured for TCP / IP" is selected and define the
PORT Number as 1414 (If it’s already used you can define another one) and "Next"

Page 6
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Click "Next"

Page 7
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Queue manager T24MQ created as below

Check the listener is created and running

Que u e cre a t i o n

Creating of MQClearingQueue

Page 8
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Click "Finish"

Likewise, we have create MQClearingReplyQueue, T24.BROWSER.QUEUE and

T24.BROWSER.REPLY.QUEUE only.

Page 9
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Once done it like below

Bin d i n g the Que u e s

Creati n g JNDI Cont ext and Conn e c tio n factorie s:
Create a simple file-based JNDI context and configure the JMS objects in that JNDI
namespace. These JNDI objects are used by applications running in WebLogic Application
Server to connect to the WebSphere MQ queue manager. For this integration, WebLogic and
WebSphere MQ should be on the same machine.

The setting is for file-based JNDI. Create the directory

C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI before continuing with the next step.

U
nder new folder C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI create a file
MyAdmin.Config with the following contents:

INITIAL_CONTEXT_FACTORY=com.sun.jndi.fscontext.RefFSContextFactory

PROVIDER_URL=file://C:/LocalArea/Dev/TAFJ/appserver/MQ/MQ-JNDI

SECURITY_AUTHENTICATION=none

Open a command prompt as Administrator and set the following CLASSPATH as shown
below

Page 10
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI>set
MQ_JAVA_INSTALL_PATH="C:\Program Files\IBM\MQ\java"
C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI>set classpath=
%MQ_JAVA_INSTALL_PATH%\*;%classpath%
C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI>set path=%MQ_JAVA_INSTALL_PATH%;
%path%

Next open a command prompt, cd to C:\JNDI-Directory, create the QueueConnectionFactory

and Queue objects by executing the command:

C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI>"C:\Program
Files\IBM\MQ\java\bin\JMSAdmin.bat" -cfg MyAdmin.config

def xaqcf(MQConnectionFactory) qmgr(T24MQ)

def q(MQClearingQueue) qmgr(T24MQ) queue(MQClearingQueue)
def q(MQClearingReplyQueue) qmgr(T24MQ) queue(MQClearingReplyQueue)
def q(t24BROWSERQueue) qmgr(T24MQ) queue(T24.BROWSER.QUEUE)
def q(t24BROWSERReplyQueue) qmgr(T24MQ) queue(T24.BROWSER.REPLY.QUEUE)
end

We should see a message like “Stopping Websphere MQ classes for Java(tm) Message
Service Administration” after we press Enter after the last line “end”.

After Successful, binding of Queues a file with the name .bindings will be created at
C:\LocalArea\Dev\TAFJ\appserver\MQ\MQ-JNDI.

Page 11
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Creat i n g Keys t o r e and Trus t s t o r e

Truststore and Keystore file is used to provide secured transaction between the client and
server. The keytool command used to create the keystore file, which contains the
public/private keys, and then using keystore, create a truststore file that contains only public
keys. Follow the below steps to create Truststore and Keystore file,

 Generate a keystore file

 Verify the newly created keystore file
 Export the certificate
 Import the certificate in to the truststore file
 Verify the newly created trust store file

Step 1 - Gene r a t e a keystor e file

Java Keytool stores the keys and certificates in the keystore file. If you are a "Windows" user,
the keytool command should be executed in the Java bin directory. The following command
should be executed from bin path and in this case, java is present in the path
'C:\LocalArea\Dev\java\jdk1.8.0_121'

keytool -genkey -keyalg RSA -validity 1925 -alias ibmwebspheremqMQT24 -keypass

temenos -storepass temenos -dname "cn=TAFJ, ou=TEMENOS, o=TEMENOS, c=INDIA"
-keystore temntafj.jks

Next we should verify the newly created key store file.

Step 2 – Verifiy the newly crea t e d keysto r e file

Use the following command,

Page 12
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

keytool -list -v -keystore <name>.jks

After executing the above command, you will get the details as specified in the image below.
Make sure to input the password 'temenos' which we given for creating the keystore.

Step 3 – Expor t the cer tifica t e

Either a self signed certificate or a commercial certificate or other certificate authority should
be exported. For exporting verisign certificates, execute the following command,

keytool -export -alias ibmwebspheremqMQT24 -file ingadapter.cer -storepass temenos

-keystore temntafj.jks

After executing the above command, you will be asked for the password, Give the same
password "temenos" and you will get the details as specified in the image below,

Step 4 – Impor t the cer tifica t e in to the trus t s t o r e file

Import the certificate by executing the below command,

keytool -import -noprompt -alias ibmwebspheremqMQT24 -file ingadapter.cer -storepass

temenos -keystore temntafjtrust.jks

After executing the preceding command, you will get the details as specified in the image
below

Page 13
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Step 5 – Verify the newly cre a t e d trus t stor e file:

Verify the newly created trust store file by executing the following command,

keytool -list -v -keystore <name>.jks

After executing the preceding command, you will get the details as specified in the image
below,

Se t u p at Web s p h e r e MQ leve l
Right click IBM MQManage SSL certificates

Page 14
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Enter the password 'temenos', which we used to create keystore and check 'stash password
to a file’

Page 15
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

From personal Certificates, import the keystore (temntafj.jks) from the path where we have
generated

Page 16
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Now click View/Edit button and check the check box 'set the certificate as default'.

Se t u p at Webl o g i c lev el
Weblogic star t u p script s at setDo m ai n E n v.c m d
set JAVA_PROPERTIES=-Dwls.home=%WLS_HOME% -Dweblogic.home=%WLS_HOME%
- Djavax.net.ssl.keyStore=C:\keystore\temntafj.jks
-Djavax.net.ssl.keyStorePassword=temenos
-Djavax.net.ssl.trustStore=C:\keystore\temntafjtrust.jks
-Djavax.net.ssl.trustStorePassword=temenos
-Doracle.net.ssl_cipher_suites=TLS_RSA_WITH_AES_128_CBC_SHA
-Dcom.ibm.mq.cfg.useIBMCipherMappings=false -Dcom.ibm.mq.cfg.preferTLS=true

set
DOM_HOME=C:\\Oracle\\Middleware\\Oracle_Home\\user_projects\\domains\\base_domain\
\lib

set CLASSPATH=%DOM_HOME%\\com.ibm.mq.jar;%DOM_HOME%\\com.ibm.mqjms.jar;
%DOM_HOME%\\com.ibm.mq.commonservices.jar;%DOM_HOME%\\com.ibm.mqetclient;
%DOM_HOME%\\fscontext.jar;%DOM_HOME%\\dhbcore.jar;%DOM_HOME
%\\com.ibm.mq.headers.jar;%DOM_HOME%\\com.ibm.mq.jmqi.jar;%CLASSPATH%

Copy the jars file from the MQ lib to the created domain server(<<Oracle_home>>
user_projects\domains\base_domain\lib) lib.

Page 17
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Map the generated generated keystore and trust keystore files in the Keystore tab.
From the left pane in the weblogic home EnvironmentserversAdminserver

Enter the Private Key Alias and respective credentials of the keystore.
From the left pane in the weblogic home EnvironmentserversAdminserver

Page 18
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Tick the SSL Listen Port Enabled

Indicates whether the server can be reached through the default SSL listen port

Then restart the ssl to take effect

From the left pane in the weblogic home Environmentservers  go to the control tab
Then select the adminserver and select the Restart SSL

Creat i n g a Forei g n JMS serv e r

Create a JMS Module using SystemModule-MQ Services>Messaging>JMS Modules>New

Page 19
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Click Next

Click finish

Page 20
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Click on SystemModule-MQ and then click New

Page 21
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Select “Foreign Server” radio button and click “Next” Foreign Server

Page 22
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

In this page we can see that the target server is selected already. Click Finish.

Open the newly created Foreign JMS server by clicking Services -> Messaging -> JMS
Modules -> SystemModule-T24 -> ForeignServer-MQ

Under the General tab under Configuration, type in following details:

Page 23
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

JNDI Initial Context Factory: com.sun.jndi.fscontext.RefFSContextFactory

JNDI Connection URL: (This path must contain the .bindings file generated on the MQ
server) file://C:/LocalArea/Dev/TAFJ/appserver/MQ/MQ-JNDI

Page 24
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Creating Destinations

Click on “Destinations tab” at the top and click “New”

Name: OFSClearingQueue

Local JNDI Name: jms/t24OFSClearingQueue

Remote JNDI Name: MQClearingQue

Note that the Remote JNDI Name must match the name of the queue we created in
WebSphere MQ and click "OK".

Page 25
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Repeat the same steps for Reply queue with the following naming
Name: OFSClearingReplyQueue
Local JNDI Name: jms/t24OFSClearingReplyQueue
Remote JNDI Name: MQClearingReplyQueue

Likewise, we have create another two queues.

Page 26
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Creat i n g Con n e c t i o n Fact o ry

After creating Destinations, create a Connection Factory for above queues. Click on (next
tab to Destinations) and Connection Factories

click "New"

Give the naming as shown below

Name: ConnectionFactory

Local JNDI Name: jms/ConnectionFactoryMQ

Remote JNDI Name: MQConnectionFactory

Configuring ejb-jar.xml and weblogic-ejb-jar.xml in TAFJEEE.ear

Page 27
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Take the TAFJJEE_MDB.jar present in the TAFJJEE_EAR.ear. Under the

TAFJJEE_MDB.jar we need to edit the ejb-jar.xml and weblogic-ejb-jar.xml as per the queue
creation done in the foreign JMS server

Add the below section in ejb-jar.xml below the OFSTransactedMDB section

<message-driven>
<display-name>Transacted Listener MDB for OFS</display-name>
<ejb-name>MQTransactedMDB</ejb-name>
<ejb-class>com.temenos.tafj.mdb.TransactedMDB</ejb-class>
<messaging-type>javax.jms.MessageListener</messaging-type>
<transaction-type>Container</transaction-type>
<message-destination-type>javax.jms.Queue</message-destination-type>
<ejb-local-ref>
<ejb-ref-name>ejb/OFSProcessingBeanLocal</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<local>com.temenos.tafj.sb.OFSProcessingBeanLocal</local>
<ejb-link>OFSProcessingBean</ejb-link>
</ejb-local-ref>
<resource-ref>
<description>Used to get connections to JMS for OFS queues</description>
<res-ref-name>jms/TAFJQueueConnectionFactory</res-ref-name>
<res-type>javax.jms.ConnectionFactory</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<message-destination-ref>
<description>OFS queue</description>
<message-destination-ref-name>jms/ReplyQueue</message-destination-ref-name>
<message-destination-type>javax.jms.Queue</message-destination-type>
<message-destination-usage>Produces</message-destination-usage>
<message-destination-link>jms/OFSClearingReplyQueue</message-destination-link>
</message-destination-ref>
</message-driven>

Add the below section in weblogic-ejb-jar.xml below the OFSTransactedMDB section

<wls:weblogic-enterprise-bean>
<wls:ejb-name>MQTransactedMDB</wls:ejb-name>
<wls:message-driven-descriptor>
<wls:pool>
<wls:max-beans-in-free-pool>20</wls:max-beans-in-free-pool>
<wls:initial-beans-in-free-pool>4</wls:initial-beans-in-free-pool>
</wls:pool>
<wls:destination-jndi-name>jms/t24OFSClearingQueue</wls:destination-jndi-name>
<wls:connection-factory-jndi-name>jms/ConnectionFactoryMQ</wls:connection-factory-
jndi-name>
</wls:message-driven-descriptor>

Page 28
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

<wls:resource-description>
<wls:res-ref-name>jms/TAFJQueueConnectionFactory</wls:res-ref-name>
<wls:jndi-name>jms/ConnectionFactoryMQ</wls:jndi-name>
</wls:resource-description>
<!-- MDB scoped work manager to run more than 16 agents -->
<wls:dispatch-policy>OFSWorkManager</wls:dispatch-policy>
</wls:weblogic-enterprise-bean>

Also add the below in message-destination-descriptor section

<wls:message-destination-descriptor>
<wls:message-destination-name> </wls:message-destination-name>
jms/OFSClearingReplyQueue
<wls:destination-jndi-name> </wls:destination-jndi-name>
jms/t24OFSClearingReplyQueue
</wls:message-destination-descriptor>

After the above changes, redeploy TAFJEEE.ear file in Weblogic.

After login into T24.

Page 29
IB M M Q w i t h W EBLOGI C u s i n g S SL c o n n e c tivi ty

Limit a t i o n s with IBM MQ:

When MQ recovers from an unexpected shutdown, only in case of Enterprise Application
servers like Websphere and JBoss, MQ is unable to perform an automatic reconnection.

https://www.ibm.com/docs/en/ibm-mq/8.0?topic=application-automatic-jms-client-
reconnection

https://www.ibm.com/docs/en/ibm-mq/9.0?topic=application-automatic-jms-client-
reconnection

https://www.ibm.com/docs/en/ibm-mq/9.1?topic=application-automatic-jms-client-
reconnection

https://www.ibm.com/docs/en/ibm-mq/9.2?topic=application-automatic-jms-client-
reconnection

Page 30