ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General IBM MQ Support » ssl problem

Post new topic  Reply to topic
 ssl problem « View previous topic :: View next topic » 
Author Message
raz
PostPosted: Tue Aug 14, 2007 10:06 am    Post subject: ssl problem Reply with quote

Acolyte

Joined: 10 Jul 2007
Posts: 70
Hi,

I am using MQ5.3 CSD 10 and am using SSL third party CA (verisign) certificate in my channel. SSL certificate is going to expire on Sep2nd so What i am doing already I have requested new CSR from new database file which has been created in temp location.

What I am going to do is once I get the certificate I will place that in new database and copy in /var/mqm/qmgrs/qmgrname/ssl/key directory and will take copy of original running database file.

If anything goes wrong can I copy back existing certificate till it expires.

Do I need to restart the qmgr.

Advise me

Thanks
Back to top
View user's profile Send private message
jefflowrey
PostPosted: Tue Aug 14, 2007 10:17 am    Post subject: Reply with quote

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981
Upgrade your qmgr to v6.

Import the new certificate into the iKeyman/GSKit database.

Don't import the expiring certificate.

Please don't double-post.
_________________
I am *not* the model of the modern major general.
Back to top
View user's profile Send private message
raz
PostPosted: Tue Aug 14, 2007 10:26 am    Post subject: Reply with quote

Acolyte

Joined: 10 Jul 2007
Posts: 70
We are planing to upgrade in Sep first week but before that I need to update certificate because it's expiring on Sep 2nd.
After updating the certificate do I need to restart the qmgr.

Thanks
Back to top
View user's profile Send private message
marcin.kasinski
PostPosted: Tue Aug 14, 2007 10:51 am    Post subject: Reply with quote

Sentinel

Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
raz wrote:
... do I need to restart the qmgr.



You can use refresh security type(ssl).

Very often it will be enough.
(sometimes not ) . It depends on OS of connected QMGRs.
_________________
Marcin

Last edited by marcin.kasinski on Tue Aug 14, 2007 11:29 am; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
bbburson
PostPosted: Tue Aug 14, 2007 11:28 am    Post subject: Reply with quote

Partisan

Joined: 06 Jan 2004
Posts: 378
Location: Nowhere near a queue manager
marcin.kasinski wrote:
You can use refresh security type(ssl).


Not in v5.3, as I pointed out in reponse to his other post.
Back to top
View user's profile Send private message
marcin.kasinski
PostPosted: Tue Aug 14, 2007 11:35 am    Post subject: Reply with quote

Sentinel

Joined: 21 Dec 2004
Posts: 850
Location: Poland / Warsaw
bbburson wrote:
marcin.kasinski wrote:
You can use refresh security type(ssl).


Not in v5.3, as I pointed out in reponse to his other post.


Sure.

I haven't noticed it.
_________________
Marcin
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General IBM MQ Support » ssl problem
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.