Posted: Thu Apr 20, 2006 6:56 am Post subject: Using OpenLDAP to check Certificate Revocation List (CRL)
Newbie
Joined: 28 Feb 2006 Posts: 7
Has anyone successfully used OpenLDAP to check Certificate Revocation List (CRL)?
Our situation:
1. Created and installed all the signed certs for the qmgrs using OpenSSL.
2. Created sender and receiver channels for the qmgrs. (with corresponding CipherSpec).
3. Successfully connected the channels.
4. Configured the qmgrs to use CRL (following instructions in MQ Security manual).
5. The same channels failed to start.
The MQ error log:
4/20/2006 09:57:34 - Process(2876.1) User(leebr) Program(runmqchl.exe)
AMQ9646: Channel 'SSLLOCAL.SSLLOCAL2' could not connect to any LDAP CRL
servers.
-----------------------------------------------------------
EXPLANATION:
LDAP Certification Revocation List (CRL) servers were specified but a
connection could not be established to any of them. The channel is
'SSLLOCAL.SSLLOCAL2'; in some cases its name cannot be determined and so is shown as '????'. The channel did not start.
-----------------------------------------------------------
I used several LDAP clients (e.g. LDAP Browser) and was able to connect and search the OpenLDAP directory. That means the LDAP is running. For testing purposes, the LDAP is configured to allow anonymous access.