ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Security » Setting up SSL Key repository

Post new topic  Reply to topic
 Setting up SSL Key repository « View previous topic :: View next topic » 
Author Message
MQMB&WAS
PostPosted: Sun Jan 08, 2017 6:21 pm    Post subject: Setting up SSL Key repository Reply with quote

Centurion

Joined: 12 Jun 2016
Posts: 130

Hello Friends,

I'm trying to configure SSL security on my system and I'm following the KC http://www.ibm.com/support/knowledgecenter/SSFKSJ_7.5.0/com.ibm.mq.sec.doc/q012660_.html.

Need your help in understanding the below, appreciate any help.

I created a new key database file with name key.kdb and checked the stash password to a file option.(using ikeyman on linux)

In the default ssl directory, /var/mqm/qmgrs/QM1/ssl, I see the below files.

1. key.kdb from what I understand, in this file, the personal certificate of the local qmgr, public part of other qmgrs and CA certificates are stored. correct ?
2. ked.sth this is where the password that I stashed while creating the kdb is stored?
3. key.rdb. ????

could someone spare some time and tell me if I'm understating it correctly and also explain what key.rdb file is?
Back to top
View user's profile Send private message
bruce2359
PostPosted: Sun Jan 08, 2017 6:49 pm    Post subject: Reply with quote

Poobah

Joined: 05 Jan 2008
Posts: 9392
Location: US: west coast, almost. Otherwise, enroute.

A quick google search for key.rdb should answer your questions.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live.
Back to top
View user's profile Send private message
exerk
PostPosted: Mon Jan 09, 2017 1:50 am    Post subject: Reply with quote

Jedi Council

Joined: 02 Nov 2006
Posts: 6339

Think of the files as:

*.kdb - key data base
*.rdb - request data base

And I suggest you think of a more reasonable naming standard than key.* - there's a recipe for disaster just waiting...
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys.
Back to top
View user's profile Send private message
cgache
PostPosted: Fri Jan 27, 2017 6:37 pm    Post subject: Reply with quote

Apprentice

Joined: 27 May 2013
Posts: 28
Location: Sydney, AUS

the .rdb file gets created automatically with the .kdb file. any modifications to the .kdb file will also modify the .rdb file, so make sure you always have the matching pairs - otherwise your SSL set up won't work.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Security » Setting up SSL Key repository
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.