| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
| amqssslc ended 2393, while conn via MQ Explorer CCDT is OK |
« View previous topic :: View next topic » |
| Author |
Message
|
| t603 |
 Posted: Tue Apr 01, 2014 12:48 pm Post subject: |
 |
|
Voyager
Joined: 16 Oct 2012
Posts: 88
Location: Prague, the Czech Republic, Europe
|
It looks like chaining should be OK now. THANK YOU ALL!
Now verification against CRL or OSCP is my task for tommorow. SSL stanza in qm.ini and mqclient.ini does not work for me, I guess, because I can not restart MQ server to take qm.ini into account to disable CRL or OSCP, so I have to install and run LDAP server of my own 
BTW does I need to have
| Code: |
SSL:
OCSPAuthentication=OPTIONAL or WARN
OCSPCheckExtensions=No |
in qm.ini, or in mqclient.ini or both? And is affected by this setting CCDT? |
|
| Back to top |
|
 |
| exerk |
| Posted: Tue Apr 01, 2014 9:18 pm Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
The stanzas should be:
| Code: |
SSL:
OCSPAuthentication=OPTIONAL
OCSPCheckExtensions=NO |
There can be only one value and they should be in upper case, not camel case. If you are running clients then yes, it will need to be in both files and I'm not altogether sure - because I've never had cause to try it - whether a refresh security type(ssl) might cause the change to be picked up (the manual isn't clear but it's implied).
The CCDT will not be affected by the setting of the stanzas.
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
