| Author |
Message
|
| jpeela |
 Posted: Mon Feb 27, 2006 7:53 am Post subject: SSL support |
 |
|
Centurion
Joined: 23 Jan 2006
Posts: 139
|
hi ,
Iam new to MQ (still mentoring) ,I need some help on providing authentication and encryption on messagess,using SSL.Actually I tried using a trial certificate downloaded from a CA.The problem I encountered is...when I installed the certificate,I did not know into which store did it go,and I dont even know what would be the default store for my queuemanager.How to check this and solve this problem.I have used the command
amqmcert -a "se.no.of certificate" -m 'qmgrname'
amqmcert -k current_user -l
but i did not find the certificate
Can some one please help in this regard as soon as possible.
thanx in advance
_________________
Jogi |
|
| Back to top |
|
 |
| jefflowrey |
| Posted: Mon Feb 27, 2006 8:07 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
|
| Back to top |
|
|
| jpeela |
| Posted: Mon Feb 27, 2006 12:57 pm Post subject: |
|
|
Centurion
Joined: 23 Jan 2006
Posts: 139
|
Hi jefflowrey,
thanx for your prompt reply,I've tried that already.but I did not have the key in the store. check the following .This is the error it is showing.please help in this regard.
C:\Documents and Settings\mss168>amqmcert -k MY -l
5724-B41 (C) Copyright IBM Corp. 1994, 2002. ALL RIGHTS RESERVED.
Using CURRENT_USER for default system stores.
AMQ4809: No certificate has been assigned to this WebSphere MQ client.
Enumerating Certificate Stores:
WebSphere MQ Client Store (E:\ssl\key):
---------------------------------------
02001: For VeriSign authorized testing only. No assurances (C)VS1997, For VeriSign authorized tes
ting only. No assurances (C)VS1997
02002: Class 3 Public Primary Certification Authority, Class 3 Public Primary Certification Autho
rity
02003: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, Class 3 Public Primary C
ertification Authority
02004: Class 2 Public Primary Certification Authority, Class 2 Public Primary Certification Autho
rity
02005: VeriSign Class 2 CA - Individual Subscriber, Class 2 Public Primary Certification Authorit
y
02006: Class 1 Public Primary Certification Authority, Class 1 Public Primary Certification Autho
rity
02007: VeriSign Class 1 CA Individual Subscriber-Persona Not Validated, Class 1 Public Primary Ce
rtification Authority
02008: Thawte Server CA, Thawte Server CA
02009: Thawte Premium Server CA, Thawte Premium Server CA
02010: Thawte Personal Premium CA, Thawte Personal Premium CA
02011: Thawte Personal Freemail CA, Thawte Personal Freemail CA
02012: Thawte Personal Basic CA, Thawte Personal Basic CA
02013: Secure Server Certification Authority, Secure Server Certification Authority
C:\Documents and Settings\mss168>amqmcert -k MY -a 02008
5724-B41 (C) Copyright IBM Corp. 1994, 2002. ALL RIGHTS RESERVED.
Using CURRENT_USER for default system stores.
Enumerating Certificate Stores:
AMQ9675: The requested certificate could not be found.
I even tried the other handles also.Still no use.please do help me.
Thanx in advance.
_________________
Jogi |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Mon Feb 27, 2006 11:19 pm Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
there is a supportpac that helps you to set up ssl with mqseries. check the ibm mqseries support pac site.
_________________
Regards, Butcher |
|
| Back to top |
|
|
| jpeela |
| Posted: Wed Mar 01, 2006 7:49 am Post subject: |
|
|
Centurion
Joined: 23 Jan 2006
Posts: 139
|
thanx butcher for ur suggesion.but Im in a dilemma which fixpack to use.can u suggest me one which would b best.
_________________
Jogi |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Wed Mar 01, 2006 8:21 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
fixpac? or supportpac?
if fixpac, use the newest one.
if supportpac... well, i assume that your dilemma is that you did not check the supportpage site for the proper supportpac. you should do, there are not many that carry the name "ssl" in the description.
_________________
Regards, Butcher |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Mar 01, 2006 12:35 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
If you installed the SSL version, Every support pack is relevant. You will see SSL version/non SSL version for the fixpacks.
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| jpeela |
| Posted: Fri Mar 03, 2006 12:27 pm Post subject: |
|
|
Centurion
Joined: 23 Jan 2006
Posts: 139
|
thanx people i finally got it.Thanx to the forum.
_________________
Jogi |
|
| Back to top |
|
|
| mq_smart |
| Posted: Sun Mar 05, 2006 9:09 pm Post subject: |
|
|
Acolyte
Joined: 30 Aug 2005
Posts: 57
Location: Vizag India
|
Hey Jogi,
Can U Explain How u Got It
_________________
Thanks in Advance
ONE life LIVE it KING size.... |
|
| Back to top |
|
|
|
|
