ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » openssl and GSkit error....

Post new topic  Reply to topic
 openssl and GSkit error.... « View previous topic :: View next topic » 
Author Message
My_Quest
PostPosted: Tue Aug 09, 2005 4:56 pm    Post subject: openssl and GSkit error.... Reply with quote

Novice

Joined: 07 May 2005
Posts: 24
Hi all,

I am planning to set up channels using MQ SSL with self-signed certificates.One of my QMGR is on AIX and other on HP-UX(itanium) platform.I am using openssl for the HP-UX environment and GSkit for the AIX.I have created a slef-signed certificate on AIX (cert.arm) and through ftp I appended it to the cacert.pem on HP-UX.And when I tried to ftp the cacert.pem on HP-UX and add it to the database as signer certificate to cert.arm on AIX...I see this error.

Error message:

"The validity period does not include today or does not fall within its issuer's validity period".

This is the first time we are creating the certificates on both sides.

Can any one help me with this.Thank You.
Back to top
View user's profile Send private message
harwinderr
PostPosted: Tue Aug 09, 2005 9:22 pm    Post subject: Reply with quote

Voyager

Joined: 29 Jan 2002
Posts: 90
First of all, why would you use openssl on HP-UX system to establish SSL channels. As far as I know, MQ on HP-UX (itanium) uses GSKit and not OpenSSL.

The steps that you are trying to carry out appears to be OpenVMS specific. Use GSKit on both the systems to create certificates.
Back to top
View user's profile Send private message Yahoo Messenger MSN Messenger
My_Quest
PostPosted: Wed Aug 10, 2005 5:03 am    Post subject: Openssl and GSkit... Reply with quote

Novice

Joined: 07 May 2005
Posts: 24
Hi,

IBM does not support MQ for HP-UX(itanium) and it is provided by other company.This company asked us to use openssl only.I guess there is no way I can use GSkit.Thank You.
Back to top
View user's profile Send private message
Tibor
PostPosted: Wed Aug 10, 2005 1:47 pm    Post subject: Reply with quote

Grand Master

Joined: 20 May 2001
Posts: 1033
Location: Hungary
You can create your key files (cert, stash) on any box, because these are portable thru Unix platforms.

Tibor
Back to top
View user's profile Send private message
My_Quest
PostPosted: Thu Aug 11, 2005 5:19 am    Post subject: openssl and gskit error... Reply with quote

Novice

Joined: 07 May 2005
Posts: 24
Hi Tibor,
Thank You for the reply.As we purchased the MQ software from a diferent company they do not have GSkit along with the MQ 5.3 Server version.They follow openssl only for ssl between channels.So I guess there is no way I can use GSkit.Thank You
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » openssl and GSkit error....
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.