AMQ9716E: Remote SSL certificate revocation status check failed for channel …

EXPLANATION: IBM MQ failed to determine the revocation status of the remote SSL certificate
for one of the following reasons:
(a) The channel was unable to contact any of the CRL servers or OCSP responders for the certificate.
(b) None of the OCSP responders contacted knows the revocation status of the certificate.
(c) An OCSP response was received, but the digital signature of the response could not be verified.

Colin’s comments

The channel definition did not have a CERTLABEL(…) specified.
The keystore on the client end did not have the certificate label in it.
The wrong keystore was used, for example environment MQSSLKEYR was set to the wrong keystore. Or the SSL stanza SSLKeyRepository was set to the wrong keystore.

See Debugging MQ client connection problems:keystore for some hints on finding the keystore

See Debugging MQ client connection problems:certlabel for some hints on finding the certificate label name.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

%d bloggers like this:

Colin’s comments

Share this:

Like this:

Leave a Reply Cancel reply