I was getting this error.

CWWMQ0062E: An SSL alias was provided with name jeremy_test.  However no SSL alias with this name exists.

Here is what I did to troubleshooting this error.

In this example, the error says SSL alias jeremy_test does not exist. In the WebSphere console, I saw that jeremy_test did exist.

On the IBM MQ system, I used the gskit (Global Security Kit) commands to get the list of certificates being used for SSL by IBM MQ.

~]# ${install_root}/gsk8/bin/gsk8capicmd_64 -cert -list -db /path/to/key.kdb -stashed
Certificates found
* default, - personal, ! trusted, # secret key
!       Root_Certificate_Authority
!       Intermediate_Certificate
*-      Server_Certificate

And I then extracted each certificate from the key.kdb file.

~]# ${install_root}/gskit8/bin/gsk8capicmd_64 -cert -extract -db /path/to/key.kdb -stashed -label Root_Certificate_Authority -target Root_Certificate_Authority.cer

~]# ${install_root}/gskit8/bin/gsk8capicmd_64 -cert -extract -db /path/to/key.kdb -stashed -label Intermediate_Certificate -target Intermediate_Certificate.cer

~]# ${install_root}/gskit8/bin/gsk8capicmd_64 -cert -extract -db /path/to/key.kdb -stashed -label Server_Certificate -target Server_Certificate.cer

And I then created a dummy truststore on WebSphere named my_truststore, and added the IBM MQ certificates to the dummy my_truststore.

I then restarted the WebSphere deployment manager just to ensure the deployment manager was all good with the dummy my_truststore.

I then created a dummy SSL configuration that used the dummy my_truststore, and set my connection factory to use my dummy SSL configuration, just to ensure the connection was being made with the valid certificates for the SSL handshake between WebSphere and IBM MQ.

In WebSphere, I created a connection factory to establish a connection from an app running on WebSphere to IBM MQ. The connection factory was configured to use SSL. My connection factory settings looked a little something like this.

• Name = myConnectionFactory
• JNDI = jms/conn/mq/cf
• Queue Manager = MANAGER01
• Hostname = mq.example.com
• Port = 12345
• Server Connection Channel = CHANNEL01
• Use SSL to secure communication with WebSphere MQ
• SSL configuration = my_ssl
• Authentication alias for XA recovery = my_id

I then created a Java application client with the following markup. Notice the PROVIDER_URL is using the bootstrap port of the WebSphere deployment manager (3809) and the JNDI of the connection factory I created (jms/conn/mq/cf).

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Properties;
import javax.jms.JMSException;
import javax.jms.QueueConnection;
import javax.jms.QueueConnectionFactory;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;

public class Main {
	public static void main(String[] args) throws IOException {
    	try {
            Properties env = new Properties ();
            env.put ( Context.INITIAL_CONTEXT_FACTORY, "com.ibm.websphere.naming.WsnInitialContextFactory" );
            env.put ( Context.PROVIDER_URL, corbaloc:iiop:localhost:3809 ); <- bootstrap port
            InitialContext jndi = new InitialContext (env);
            QueueConnectionFactory qcf = (QueueConnectionFactory) jndi.lookup("jms/conn/mq/cf"); <- JNDI
            QueueConnection queueConn = qcf.createQueueConnection();
            queueConn.start();
            queueConn.close();
    	}
        catch (NamingException e ) {
        	e.printStackTrace();
        }
        catch (JMSException e) {
        	e.printStackTrace();
        }
    }
}

I exported the Java application to an EAR and placed the EAR file on the WebSphere server. I then used launchClient.sh to run the application client.

/opt/WebSphere/AppServer/profiles/myProfile/bin/launchClient.sh my.ear -Djavax.net.debug=all

And I would get output like this.

[1/26/23 2:51:42:926 CST] 00000001  E UOW=2-381fc8e0-3813581:TLDEPFA-1-0001 source=com.ibm.ws.sib.utils.ras.SibMessage org=IBM prod=WebSphere component=Application Server thread=[P=93065:O=0:CT]
          [:] CWWMQ0062E: An SSL alias was provided with name jeremy_test.  However no SSL alias with this name exists.