| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| SSL and CRL configuration |
« View previous topic :: View next topic » |
| Author |
Message
|
| roldancer |
 Posted: Fri Nov 26, 2004 3:15 am Post subject: SSL and CRL configuration |
 |
|
Novice
Joined: 12 May 2004
Posts: 12
|
Hi All,
We want to use CRL in our installation, the problem is that MQ's documentation about this topic is not good enough. We have some doubts about this topic.
1) How MQ Channel checks the CRL, for example my LDAP has the following configuration
c=US
o=IBM
ou=IT
cn=CA
CRL
In the MQ configuration I only can specify LDAP Server, user and passwors, so how can I configure the CRL path ?
2) PKI specification uses a extention called CRLDistributionPoint in each X509V3 certficate, this is the place where is stored the CRL asociated to my X509V3 cert, Does MQ use this attribute to find the CRL ?
3) Which logic uses MQ to find the CRL ?
Thanks in advance. |
|
| Back to top |
|
 |
| Nigelg |
| Posted: Fri Nov 26, 2004 3:50 am Post subject: |
|
|
Grand Master
Joined: 02 Aug 2004
Posts: 1046
|
The qmgr attribute SSLCRLNL specifies a namelist of AUTHINFO objects to be used for CRL checking by the qmgr.
The AUTHINFO object has a CONNAME, which is the path to the server, and an LDAPUSER attribute, which is the Distinguished Name of the user accessing the server, where you can specify the separate c= o= ou= cn= parts. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
