| Author |
Message
|
| sknijn |
 Posted: Thu Oct 18, 2012 8:03 pm Post subject: SSL setup without Client channel definition table |
 |
|
Newbie
Joined: 05 Oct 2012
Posts: 2
|
Hello,
I was wondering if it is possible to setup an SSL connection between mqclient and mqserver with only the mqclient.ini, key repository and some environment variables. I already made a svrconn channel, key repositories on both sides and now I am trying to connect using rfhutilc.exe.
Is this anyhow possible?
I understand you either need to use .TAB files of put the information in the application in the MQCONNX call. Please tell me I am wrong....
Right now I got this error:
Remote channel '***' did not specify a CipherSpec when the local channel expected one to be specified. &P The remote host is '***'. &P The channel did not start.
Where can I specify the CipherSpec to be used in mqclient or (preferably) in some environemnt variable? |
|
| Back to top |
|
 |
| exerk |
| Posted: Fri Oct 19, 2012 12:13 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
The documentation for the IH03 SupportPac clearly states that either the MQSERVER variable is used, or a CCDT, or channel information can be entered in lieu of the queue manager name but this must be in the same format as the MQSERVER variable, so will still not support SSL. It might be worthwhile contacting the SupportPac maintainer and asking whether it can be adapted to accept additional fields for its MQCONNX.
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Fri Oct 19, 2012 6:14 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| exerk wrote: |
| The documentation for the IH03 SupportPac clearly states that either the MQSERVER variable is used, or a CCDT, or channel information can be entered in lieu of the queue manager name but this must be in the same format as the MQSERVER variable, so will still not support SSL. It might be worthwhile contacting the SupportPac maintainer and asking whether it can be adapted to accept additional fields for its MQCONNX. |
On the first pane of RFHUtil there is a connection button in the lower middle row of buttons. This opens another pane where you specify if you want to use SSL and all the SSL connection parms from cipherspec to keystore/trustore.
So if you need to switch between SSL and non SSL all you need is to clear a single check box... no need for all the variables...
Of course if you want to, all the environment variables as defined in the using client manual still apply...
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| exerk |
| Posted: Sat Oct 20, 2012 3:58 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
fjb, having opened up V7.0.2 of RFHUtilc I do not see that button on any of the tabs, and I've been through them all; nor did I see it in a V5.0.3 copy I had hanging about. Could you please provide a screenshot?
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Sat Oct 20, 2012 5:32 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Look at the buttons for browse, browse next, close queue.
It should be the button below close queue. Of course you need to use rfhutilc and not rfhutil...
It is on the very first tab
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| exerk |
| Posted: Sat Oct 20, 2012 5:52 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
What am I missing?
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Sat Oct 20, 2012 6:12 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| It's the button labelled "Set Conn ID". |
|
| Back to top |
|
|
| exerk |
| Posted: Sat Oct 20, 2012 8:05 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
| mqjeff wrote: |
| It's the button labelled "Set Conn ID". |
Every day a school day! 
fjb and mqjeff, as always, thank you for the education. 
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
|
|
