ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General Discussion » ssl problem

Post new topic  Reply to topic
 ssl problem « View previous topic :: View next topic » 
Author Message
raz
PostPosted: Mon Aug 13, 2007 2:48 pm    Post subject: ssl problem Reply with quote

Acolyte

Joined: 10 Jul 2007
Posts: 70
Hi,

I am using MQ5.3 CSD 10 and am using SSL third party CA (verisign) certificate in my channel. SSL certificate is going to expire on Sep2nd so What i am doing already I have requested new CSR from new database file which has been created in temp location.

What I am going to do is once I get the certificate I will place that in new database and copy in /var/mqm/qmgrs/qmgrname/ssl/key directory and will take copy of original running database file.

If anything goes wrong can I copy back existing certificate till it expires.

Do I need to restart the qmgr.

Advise me

Thanks
Back to top
View user's profile Send private message
jefflowrey
PostPosted: Mon Aug 13, 2007 2:53 pm    Post subject: Reply with quote

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981
You need to upgrade to version 6 of MQ.

Your MQ support is going to expire on September 28th.

http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg21244334
_________________
I am *not* the model of the modern major general.
Back to top
View user's profile Send private message
bbburson
PostPosted: Tue Aug 14, 2007 10:17 am    Post subject: Reply with quote

Partisan

Joined: 06 Jan 2004
Posts: 378
Location: Nowhere near a queue manager
You don't have to get a whole new certificate. You can order a renewal of the existing one. If you still have the *original* CSR you can submit it to your CA for a renewal. If you don't have it handy, use GSK to "recreate request" or some such and then submit that to your CA.

Once you get the renewal cert from them, GSK "Receive" it and it will replace the existing cert.
Back to top
View user's profile Send private message
raz
PostPosted: Tue Aug 14, 2007 10:23 am    Post subject: Reply with quote

Acolyte

Joined: 10 Jul 2007
Posts: 70
Thanks for your reply, I have posted the same question in MQ forum.

Thanks
Back to top
View user's profile Send private message
jefflowrey
PostPosted: Tue Aug 14, 2007 10:30 am    Post subject: Reply with quote

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981
raz wrote:
Thanks for your reply, I have posted the same question in MQ forum.

Thanks


That's called "double-posting".

You shouldn't have done it.
_________________
I am *not* the model of the modern major general.
Back to top
View user's profile Send private message
bbburson
PostPosted: Tue Aug 14, 2007 11:25 am    Post subject: Reply with quote

Partisan

Joined: 06 Jan 2004
Posts: 378
Location: Nowhere near a queue manager
And back to your original question, yes you will have to restart the queue manager. If you were at version 6 you could use REFRESH SECURITY TYPE(SSL) but that command is not available in 5.3.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General Discussion » ssl problem
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.