ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » SSL for MQ over JMS

Post new topic  Reply to topic
 SSL for MQ over JMS « View previous topic :: View next topic » 
Author Message
narik
PostPosted: Tue Dec 19, 2017 10:36 am    Post subject: SSL for MQ over JMS Reply with quote

Novice

Joined: 29 Aug 2016
Posts: 14
Hi Team,

we have a SAP PO team trying to connect to MQ mainframes through JMS .Now they are planning to have a SSL to connect to MQ over JMS . I belive MQ SSL is a queue manager to queue manager way.Is it possible to implement a SSL over JMS to MQ queue manger
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Tue Dec 19, 2017 11:26 am    Post subject: Re: SSL for MQ over JMS Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
narik wrote:
Hi Team,

we have a SAP PO team trying to connect to MQ mainframes through JMS .Now they are planning to have a SSL to connect to MQ over JMS . I belive MQ SSL is a queue manager to queue manager way.Is it possible to implement a SSL over JMS to MQ queue manger

SSL / TLS is a transport layer security. It is not restricted to qmgr to qmgr but can also be use as client to qmgr. JMS is well capable of using SSL to communicate with a queue manager, you will need to specify the ciphersuite and SSLFIPS values to the connection factory and let the jvm know about the key and trust stores...

Have fun
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
zpat
PostPosted: Wed Dec 20, 2017 12:16 am    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5866
Location: UK
JMS/MQ works with SSL/TLS.

You may need to install the unrestricted Java security policy files to achieve TLS 1.2 as the default (non-US) ones are not compatible.

You need to specify keystore, trustore, passwords for these, cipher name as well as the usual MQ host address/port and channel.

Look out for MQRC 2397 errors. Usually missing certificates and the best way to solve SSL/TLS failures is a JVM SSL trace.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » SSL for MQ over JMS
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.