MQJE001: Completion Code ‘2’, Reason ‘2009’

While working with IBM WebSphere, we may have observed MQ Reason Code 2009 (MQRC_CONNECTION_BROKEN | MQJE001: Completion Code ‘2’, Reason ‘2009’) in application logs. Following are two possible main scenarios that causes this exception:-
1) One is allocating a new Queue Connection Factory (QCF) connection.
2) The other is when the Application Server allocates a free connection from its connection pool, but the connection is no longer active, that is, broken.

There are other most common causes for MQ Reason Code 2009 which are given below:
1) A firewall has terminated the connection.
2) An IOException caused the socket to be closed.
3) An explicit action caused the socket to be closed by one end.
4) The queue manager is offline.
5) The maximum number of channels allowed by the queue manager are already open.
6) A configuration problem in the Queue Connection Factory (QCF).


Enable SSL Debug Trace in WebSphere

As a developer, we may have to enable SSL Debug Trace in WebSphere. Hence, following are the brief steps that could be used for reference:-

1. In the WebSphere Application Server (WAS) Admin Console, navigate to Servers > Server Types > WebSphere application servers, then select the server name.

2. Under Server Infrastructure, expand Java and Process Management > Process definition > Java Virtual Machine.

3. Add the following to the end of the Generic JVM Arguments box:,handshake,data,trustmanager

4. Save to the master config, and restart the server for it to take hold.

5. This will add debug trace of the SSL handshake to the //profiles//logs//SystemOut.log

Happy Debugging 🙂

Virtual Host Entry in WebSphere

Virtual host name entry could be found in plugin-cfg.xml of a server profile in WebSphere. It is mostly used to configure the port details which forms the complete URL for an application like

Location of an Application Server Profile:-

Location of a file:-

   <VirtualHostGroup Name="Loan_Application">
      <VirtualHost Name="*:55295"/>

ORA-28040: No matching authentication protocol error

We have got following error in Application logs and we were made to cross-check our JVM settings.

ERROR [2016-06-06 03:32:55,521]|[server.startup : 1]|[null]|getConnection
java.sql.SQLException: ORA-28040: No matching authentication protocol
DSRA0010E: SQL State = 99999, Error Code = 28,040
at oracle.jdbc.driver.T4CTTIoer.processError(
at oracle.jdbc.driver.T4CTTIoer.processError(
at oracle.jdbc.driver.T4CTTIoer.processError(
at oracle.jdbc.driver.T4CTTIoauthenticate.processError(
at oracle.jdbc.driver.T4CTTIfun.receive(
at oracle.jdbc.driver.T4CTTIfun.doRPC(
at oracle.jdbc.driver.T4CTTIoauthenticate.doOSESSKEY(
at oracle.jdbc.driver.T4CConnection.logon(
at oracle.jdbc.driver.PhysicalConnection.&amp;lt;init&amp;gt;(
at oracle.jdbc.driver.T4CConnection.&amp;lt;init&amp;gt;(
at oracle.jdbc.driver.T4CDriverExtension.getConnection(
at oracle.jdbc.driver.OracleDriver.connect(
at oracle.jdbc.pool.OracleDataSource.getPhysicalConnection(
at oracle.jdbc.pool.OracleDataSource.getConnection(
at oracle.jdbc.pool.OracleConnectionPoolDataSource.getPhysicalConnection(

It was determined that removing JVM parameter -Doracle.jdbc.thinLogonCapability=o3 will fix the ORA-28040: No matching authentication protocol error. I remembered that we added this JVM parameter for certain applications during the WebSphere 7 upgrade. The problem was that certain applications running on WebSphere 7 with JDK 1.6 and ojdbc6.jar was not able to login to the Database. This was because of an Oracle driver “issue” when dealing with external 3rd party JCE libraries such as BouncyCastle.