| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Anonymous SSL but keep private cert? |
« View previous topic :: View next topic » |
| Author |
Message
|
| kd |
 Posted: Tue Sep 14, 2010 8:57 am Post subject: Anonymous SSL but keep private cert? |
 |
|
Novice
Joined: 10 Aug 2006
Posts: 19
|
Hi,
OS: Solaris 10 SPARC
MQ: 6.2.0.8
I have a CA signed cert (created using gsk7cmd, cert_request etc.) which is working fine connecting to other QMgrs that have the corresponding CA cert installed in their keystore.
I now have a requirement to send to a QMgr that (for various reasons) can't import the same CA cert into their keystore, they want to use anonymous ssl. I.e. where we both have another CA cert (one of the defaults - verisign), have SSLCIPH set to something, and their receiver channel will have SSLCAUTH=OPTIONAL. Ideally this config would enable encryption, but disable authentication.
My problem is I still have a private cert, which I can't delete, and am presenting the cert to them, the connection fails because they don't have the correct CA.
Question: How can I configure my sender channel so that it does not present my private cert to the other end? Or, is there another way? (I would rather not have to create a secondary QMgr...)
Thanks in advance... |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Tue Sep 14, 2010 9:01 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
|
| Back to top |
|
|
| kd |
| Posted: Tue Sep 14, 2010 9:27 am Post subject: |
|
|
Novice
Joined: 10 Aug 2006
Posts: 19
|
Hmm, this looks like it might do the job, have to do some further reading on how it works with certs, performance etc.
Thanks for the suggestion |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
