| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| MCA Interception – Impact 2014 – Morag CSX example |
« View previous topic :: View next topic » |
| Author |
Message
|
| rickwatsonb |
 Posted: Thu Jul 10, 2014 12:31 pm Post subject: MCA Interception – Impact 2014 – Morag CSX example |
 |
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
Hi,
I am working on implementing MCA Interception between a MQ server and a non-IBM JMS Client. After reviewing the Morag et al. IMPACT2014 documentation on the CSX MCA Interception example (http://www.slideshare.net/MoragHughson/websphere-mq-ams) I am uncertain about which certificates need to be in the MQ AMS keystore for the MQ Server/non-IBM Java Client AMS implementation.
I do understand that the SVRCONN XMQ1.PSOFT.CL channel must have SSL turned on, and the SSL keystore is located separately at /var/mqm/qmgrs/XMQ1/ssl/ with the key.kdb containing the PS certificate and the XMQ1 Queue manager certificate.
For the MQ AMS keystore (e.g. /var/mqm/.mqs/key.kdb) I am uncertain as to what certificate label in the keystore.conf file is used for the SVRCONN channel between QMGR XMQ1 and the PeopleTools application (non-IBM java). Specifically, what certificate label will the AMS keystore.conf point to in the following line of code:
cms.certificate.channel.XMQ1.PSOFT.CL=<certificate label>
The documentation does not show the existence of the PeopleTools (PS) certificate in the MQ AMS keystore. (In the IBM knowledge center MCA Interception page – it equals the alice or bob certificate label.) Is there something missing from the documentation, or am I misunderstanding the setup between the PeopleTools and the XMQ1 Queue manager for MCA Interception?
Thanks for your time. |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Fri Jul 11, 2014 4:30 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Replace the corresponding Alice / Bob with your PeopleTools ( PS) cert. 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| rickwatsonb |
| Posted: Mon Jul 14, 2014 7:39 am Post subject: |
|
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
Thanks for the reply fjb_saper and for confirming that the PS certificate should be listed in the CSX example documentation for the Linux HA queue manager AMS keystore - not sure how it would have gotten missed since that was a main point of the presentation (MCA Interception setup).
Can someone please send Morag a note to update the CSX example to include the PS (PeopleTools) certificate for the Linux HA queue manager, especially on page 45 under "Keystore (AMS/XMQ1)". -thanks |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Mon Jul 14, 2014 2:02 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Well the thing is the policies need to match.
Whether you use Alice or PeopleTools or Bob is irrelevant as long as you have the required certs in the keystore....
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
