Posted: Fri Aug 19, 2016 5:55 am Post subject: MQ Queue Manager - Moving from SSL to TLS
Novice
Joined: 24 Feb 2016 Posts: 17
Hi All,
I am planning to migrate our MQ cluster queue manager from using SSL to TLS. Me and our client source application newer migrate from SSL to TLS so both are newbie on this topic.
Our present SSL RSA key size is 2048 and SSLCIPH (TRIPLE_DES_SHA_US).
MQ Version is 7.0.1.12
There are multiple source channel connect to the queue manager using SSL certifiate and this need to be migrate to the TLS.
Since there are multiple source channel using the same ssl certificate using unique mq client channel to connect queue manager, I do want to remove the existing SSL mq client channel as this will be higher risk in the case of wrong upgrade or rollback scenario and also this queue manager is member of MQ cluster.
I want to create new mq client channel for source channel and configure the TLS and if TLS handshake working fine between source application and queue maanger then SSL channel will be remove for respective source channel.
I have to choose this channel-by-channel SSL to TLS migration strategy to avoid major impact to all source application during same outage window.
If you can give me any advise about it from your experience or point me to any document about MQ Queue Manager SSL to TLS migration strategy. This will be very grateful.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum