ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » Issue with certificates

Post new topic  Reply to topic
 Issue with certificates « View previous topic :: View next topic » 
Author Message
mqwbiwf
PostPosted: Tue Aug 11, 2009 12:49 pm    Post subject: Issue with certificates Reply with quote

Centurion

Joined: 21 Jul 2006
Posts: 126
One of our clients use MQ IPT 1.3 to connect to an MQ server 6.0, but the certificate of the URL that they use got expired. And now they are having issues establishing the connection.

I've very little knowledge about certs, but after going through the documentation, looks like we have to generate the PFX and PWD files ourselves. Did I understand that correctly, or will they be given by a CA?

If we have to generate them, could some one guide me? Here's what I've done so far:

Started KeyMan that comes with MQ 6.0
Database type - PKCS12
Added the CA certificate to the database (key.p12) with a password/stash file
(key.sth)

But I'm not sure how to create the PFX and PWD files using the above. The steps given in document refer to some actions which I don't really find in keyman, so would be greatly appreciated if someone could guide me here!

Thanks much.
Back to top
View user's profile Send private message
fschofer
PostPosted: Tue Aug 11, 2009 1:43 pm    Post subject: Reply with quote

Knight

Joined: 02 Jul 2001
Posts: 524
Location: Mainz, Germany
Hi,

this redpaper may help you:
http://www.redbooks.ibm.com/redpapers/pdfs/redp4140.pdf

Greetings
Frank
Back to top
View user's profile Send private message Send e-mail
mqwbiwf
PostPosted: Wed Aug 12, 2009 1:57 pm    Post subject: Reply with quote

Centurion

Joined: 21 Jul 2006
Posts: 126
Thanks for that info. I did go through the document, but I think I'm missing something quite simple here. Now, after trying a few other things, I increased the trace level to 5on MQ IPT and found from the error logs:

Loading token from C:\MQIPT\ssl\entrust_cert.pfx using password from C:\MQIPT\ssl\entrust_cert.pwd

Error reading password file (C:\MQIPT\ssl\entrust_cert.pwd), p1=java.io.EOFException

Error reading key ring file (C:\MQIPT\ssl\entrust_cert.pfx) : , p1=java.io.IOException: java.io.EOFException

I have the pwd file saved in plain text format. Looks like it has to be in the encrypted format, and I tried all possible ways using the keyman and ikeyman, but could not find any activity that does this.

Would appreciate if someone could throw some ideas.
Back to top
View user's profile Send private message
mqwbiwf
PostPosted: Wed Aug 12, 2009 2:52 pm    Post subject: Reply with quote

Centurion

Joined: 21 Jul 2006
Posts: 126
sorry abt tht
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » Issue with certificates
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.