| Author |
Message
|
| jefflowrey |
 Posted: Fri Aug 26, 2005 6:58 am Post subject: |
 |
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
Also, I guess I meant the key files themselves, not the java security files...
/var/mqm/qmgrs/<>/ssl/
But you did already say the permissions on these were 644.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
 |
| wschutz |
| Posted: Fri Aug 26, 2005 7:22 am Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
| Quote: |
gsk6cmd -cert -list -db key.kdb
A password is required to access this key database.
Please enter a password:
xxxx
Certificates in database: key.kdb
DODCA3
DODCA4
DODCA7
I thought this meant the password is stashed and working. |
I don't think that assertion is correct. I can get gsk7cmd to work without a key.sth file present.
_________________
-wayne |
|
| Back to top |
|
|
| DJudd |
| Posted: Fri Aug 26, 2005 8:35 am Post subject: |
|
|
Novice
Joined: 22 Jul 2005
Posts: 17
Location: Florida
|
-rw-r--r-- 1 mqm mqm 61560 Aug 22 16:20 1
-rw-r--r-- 1 mqm mqm 662 Aug 22 15:50 certreq.arm
-rw-r--r-- 1 mqm mqm 80 Aug 26 09:36 key.crl
-rw-r--r-- 1 mqm mqm 100080 Aug 26 09:36 key.kdb
-rw-r--r-- 1 mqm mqm 80 Aug 26 09:36 key.rdb
-rw-r--r-- 1 mqm mqm 129 Aug 26 07:00 key.sth
drwxr-xr-x 2 mqm mqm 2048 Aug 23 08:05 .
drwxrwxr-x 3 mqm mqm 96 Aug 16 09:58 ..
$ pwd
/var/mqm/qmgrs/QMJ720BT1/ssl/key
Here's the "correct" list. Thanks |
|
| Back to top |
|
|
| sradiraju |
| Posted: Fri Aug 26, 2005 1:45 pm Post subject: |
|
|
Apprentice
Joined: 08 Sep 2002
Posts: 34
Location: Chicago,IL
|
Hi DJudd,
I think we are missing some thing here. I want to you to check few things. You said you arent using any self-signed certificates and if that is correct how are you importing the certificates into the database. Is it possible for you to use Ikeyman GUI, becuause there is some problem with the label. What is the labelname of your certificate? Let me know these answers and we will take it from there.
Somesh |
|
| Back to top |
|
|
| DJudd |
| Posted: Mon Aug 29, 2005 2:47 am Post subject: |
|
|
Novice
Joined: 22 Jul 2005
Posts: 17
Location: Florida
|
| I have used the ikeyman gui and command line. The label is ibmwebspheremqqmj720bt1. Thanks |
|
| Back to top |
|
|
| bbburson |
| Posted: Mon Aug 29, 2005 7:05 am Post subject: |
|
|
Partisan
Joined: 06 Jan 2004
Posts: 378
Location: Nowhere near a queue manager
|
| DJudd wrote: |
$ pwd
/var/mqm/qmgrs/QMJ720BT1/ssl/key |
Really??? You should be in /var/mqm/qmgrs/QMJ720BT1/ssl . "key" is the key file itself, not another subdirectory level. |
|
| Back to top |
|
|
| DJudd |
| Posted: Mon Aug 29, 2005 7:18 am Post subject: |
|
|
Novice
Joined: 22 Jul 2005
Posts: 17
Location: Florida
|
| That was the problem! I just sent a test but the channel is now running! THANKS |
|
| Back to top |
|
|
| wschutz |
| Posted: Mon Aug 29, 2005 7:20 am Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
| Quote: |
| Really??? You should be in /var/mqm/qmgrs/QMJ720BT1/ssl . "key" is the key file itself, not another subdirectory level. |
good catch  This might have been a hint to us since the first post:
| Quote: |
| I have added the required certs to my keystore on HP Unix. My key.* files are in the default location of /var/mqm/qmgrs/queue/ssl/key. |
_________________
-wayne |
|
| Back to top |
|
|
| smeridew |
| Posted: Wed Oct 18, 2006 12:55 pm Post subject: REFERSH SECURITY TYP(SSL) |
|
|
Novice
Joined: 18 Jun 2002
Posts: 10
Location: Milton, Ontario, Canada
|
Just a comment on some of the older posts on this thread- the command to refresh the cached SSL security is:
REFRESH SECURITY TYP(SSL) ... NOT
REFRESH SECURITY TYPE(SSL)
 |
|
| Back to top |
|
|
| smeridew |
| Posted: Wed Oct 18, 2006 12:58 pm Post subject: REFRESH SECURITY |
|
|
Novice
Joined: 18 Jun 2002
Posts: 10
Location: Milton, Ontario, Canada
|
| Sorry - I meant that the documentation says TYP(SSL), but the command is TYPE(SSL)... |
|
| Back to top |
|
|
|
|
