ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » SSL self signed certificate setup issue

Post new topic  Reply to topic Goto page Previous  1, 2
 SSL self signed certificate setup issue « View previous topic :: View next topic » 
Author Message
JosephGramig
PostPosted: Wed Apr 13, 2016 5:26 am    Post subject: Reply with quote

Grand Master

Joined: 09 Feb 2006
Posts: 1244
Location: Gold Coast of Florida, USA
When you create a self signed certificate, you have created an Internal CA.

If you had 500 Qmgrs that did this, you would need to add 499 certs 499 times. That isn't efficient.

If you build one Internal CA and have it sign all Certificate Signing Requests (CSRs) and send back the Internal CA's public certificate and the requester's public CA, then that would be 500 sends, adds and receives of certificates. More efficient.

The Qmgr key store should have two certs:
1) The Internal CA public cert
2) The Qmgr's private/public certificate pair
Back to top
View user's profile Send private message AIM Address
zpat
PostPosted: Wed Apr 13, 2016 5:54 am    Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5866
Location: UK
Presumably you could re-use the same self-signed certificate - as long as you rename the certificate label according to the QM name (or use MQ v8)?
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Goto page Previous  1, 2 Page 2 of 2

MQSeries.net Forum Index » General IBM MQ Support » SSL self signed certificate setup issue
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.