| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| IBM MQ AMS configurate |
« View previous topic :: View next topic » |
| Author |
Message
|
| antongrizli |
 Posted: Mon Feb 15, 2016 8:01 am Post subject: IBM MQ AMS configurate |
 |
|
Novice
Joined: 03 Feb 2016
Posts: 10
|
Good afternoon, colleagues.
Please help me with configurate IBM MQ AMS for FTE.
In my first server I create coordination queue manager - CQM and create agent for FTE Agent_CQM.
In the next server I create SQM - manager and agent Agent_SQM which connected to CQM in binding mode.
The next step I tryed configurate keystore for my certificate.
Keystore have the next link C:\Users\MUSR_MQADMIN\AMS
keystore.conf is located C:\Users\MUSR_MQADMIN\.mqs
| Code: |
cms.keystore = C:\Users\MUSR_MQADMIN\AMS\mqusr_key
cms.certificate = MQUSR1_Cert
JKS.keystore = C:\Users\MUSR_MQADMIN\.mqs\keystore
JKS.certificate = MQUSER1_J_Cert
JKS.encrypted = no
JKS.keystore_pass = P@ssw0rd
JKS.key_pass = P@ssw0rd
JKS.provider = IBMJCE |
Secure policies created for two queue managers:
For CQM manager
| Code: |
setmqspl -m CQM -p SYSTEM.FTE.DATA.AGENT_SQM -s SHA1 -a "CN=MUSR_MQADMIN, OU=Server1, L=Kiev, C=UA" -e AES128 -r "CN=MUSR_MQADMIN, OU=Server2, O=BMS-Consulting, L=Kiev, C=UA"
setmqaut -m CQM -t qmgr -p MUSR_MQADMIN +connect +inq
setmqaut -m CQM -t queue -n SYSTEM.PROTECTION.POLICY.QUEUE -p MUSR_MQADMIN +browse +put
setmqaut -m CQM -t queue -n SYSTEM.PROTECTION.ERROR.QUEUE -p MUSR_MQADMIN +put |
For SQM manager
| Code: |
setmqspl -m SQM -p SYSTEM.FTE.DATA.AGENT_SQM -s SHA1 -a "CN=MUSR_MQADMIN, OU=Server2, L=Kiev, C=UA" -e AES128 -r "CN=MUSR_MQADMIN, OU=Server1, O=BMS-Consulting, L=Kiev, C=UA"
setmqaut -m SQM -t qmgr -p MUSR_MQADMIN +connect +inq
setmqaut -m SQM -t queue -n SYSTEM.PROTECTION.POLICY.QUEUE -p MUSR_MQADMIN +browse +put
setmqaut -m SQM -t queue -n SYSTEM.PROTECTION.ERROR.QUEUE -p MUSR_MQADMIN +put |
Both users have login MUSR_MQADMIN.
When FTE transfering files from SQM to CQM this files don't encrypted
Please help me with this difficult question.[/img]
Last edited by antongrizli on Mon Feb 15, 2016 11:54 pm; edited 1 time in total |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Mon Feb 15, 2016 9:01 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
|
What you want is SSL on the channel. AMS gives you encryption at rest. 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| antongrizli |
| Posted: Mon Feb 15, 2016 10:24 am Post subject: |
|
|
Novice
Joined: 03 Feb 2016
Posts: 10
|
Thank you for your reply.
Could you tell me please main steps for enable AMS while transferring files? |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Mon Feb 15, 2016 11:17 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20696
Location: LI,NY
|
| antongrizli wrote: |
Thank you for your reply.
Could you tell me please main steps for enable AMS while transferring files? |
Just the same as standard enabling AMS.
However I have no idea of what exactly you are trying to achieve, and if enabling AMS is really going to be the solution for you...
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
