| Author |
Message
|
| tkaravind |
 Posted: Thu Feb 24, 2005 1:41 am Post subject: To achieve MQ SSL encryption for Java client to MQ Server |
 |
|
Acolyte
Joined: 24 Jul 2001
Posts: 60
|
Dear All,
I have the following requirement to solve using MQ SSL technology.
a) Java client application (Win2K) connects to Qmgr Server QM1 (Win2K)
and puts an encrypted message (encryption should be through SSL between MQ Java client and MQ server).
b) QM1 connects to QM2 (AIX) via server-to-server MQ channel.
The message flows through the sender-receiver channel pair without
any SSL being confgured at the MQ Channel level (since the application has already encrypted it)
c) Once the message reaches QM2 another Java application running on
AIX picks it up decrypted (again through SSL mechanism)and processes
it further.
Given such a requirement
1) What are the steps to follow for SSL configuration at the MQ client and server level including setting up the key repositories ? How can I obtain
certificates for this purpose ?
2) How can I ensure that the message encrypted at the Step 'a' by the first
application gets correctly decrypted by second application in Step 'c'
by using only WMQ 5.3 supplied SSL mechanism.
When I try to get some information from MQ 5.3 security doc, I am totally lost.
Any help would be greatly appreciated.
Many thanks,
Aravind |
|
| Back to top |
|
 |
| jefflowrey |
| Posted: Thu Feb 24, 2005 6:17 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
Channel level SSL does not encrypt the message at all.
It merely encrypts the channel traffic.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| tkaravind |
| Posted: Fri Feb 25, 2005 10:05 pm Post subject: |
|
|
Acolyte
Joined: 24 Jul 2001
Posts: 60
|
Thanks Jeff.
Does this mean that the message put in MQ server by an MQ client program (say Java) wil not be in the encrypted form as it lands on the queue ?
Can you please clarify ?
Thanks,
Aravind |
|
| Back to top |
|
|
| tkaravind |
| Posted: Fri Feb 25, 2005 10:08 pm Post subject: |
|
|
Acolyte
Joined: 24 Jul 2001
Posts: 60
|
Thanks Jeff.
Does this mean that the message put in MQ server by an MQ client program (say Java) wil not be in the encrypted form as it lands on the queue ?
Can you please clarify ?
Thanks,
Aravind |
|
| Back to top |
|
|
| EddieA |
| Posted: Fri Feb 25, 2005 11:29 pm Post subject: |
|
|
Jedi
Joined: 28 Jun 2001
Posts: 2453
Location: Los Angeles
|
| Quote: |
| Channel level SSL does not encrypt the message at all. |
Cheers,
_________________
Eddie Atherton
IBM Certified Solution Developer - WebSphere Message Broker V6.1
IBM Certified Solution Developer - WebSphere Message Broker V7.0 |
|
| Back to top |
|
|
| JT |
| Posted: Sat Feb 26, 2005 8:23 am Post subject: |
|
|
Padawan
Joined: 27 Mar 2003
Posts: 1564
Location: Hartford, CT.
|
If your requirement is to maintain the level of encryption while the message is under the control of MQSeries (either, in transit or resident in a queue), then take a look at the Websphere MQSeries Extended Security edition. The Security edition is a software package that combines Websphere MQSeries v5.3 with Tivoli Access Manager for Business Integration. Click on the links below for details:
WebSphere MQ Extended Security Edition
Tivoli Access Manager for Business Integration |
|
| Back to top |
|
|
|
|
