Use an MQEndpoint policy to control the values of MQ node connection properties at run time, or to specify an MQ broker for event publication.
MQEndpoint policy documents can be used interchangeably on any of the listed MQ node types. Policies are only validated at run time, so you must check that you set the correct properties for your solution. For example, you might define a connection to a remote queue manager in an MQEndpoint policy document, but this configuration is not supported for integration nodes that are running on z/OS®. For more information about which connection properties can be controlled by MQEndpoint policies, see the appropriate MQ message flow node reference topic in the previous list.
All MQ nodes that do not have either MQ Connection properties set or an MQEndpoint policy specified will use the connection details of the queue manager that is associated with the integration node at run time. If no queue manager was specified for the integration node, the message flow cannot deploy. You can configure the connection properties by either defining an MQEndpoint policy, or set the properties on the MQ Connection tab. If an MQEndpoint policy is specified, then the values of properties that are set in the MQEndpoint policy are used at run time instead of any corresponding values that are set on the MQ Connection tab.
mqsichangeproperties IBNODE -o BrokerRegistry -n mqCCDT -v file_path
You can use an MQEndpoint policy to set security properties for connections to secured WebSphere MQ queue managers. You can connect to a secured local or remote WebSphere MQ queue manager, by passing a user name and password to the queue manager when the connection is made. You can also choose whether to use the SSL protocol when a client connection is made to a remote queue manager.
If you set the Use SSL property in an MQEndpoint policy to provide confidentiality on the client connection, you must also specify the location of the key repository by running the mqsichangeproperties command. If you set the Security identity property, to specify an identity that is used to provide user name and password credentials, you must also define the identity by running the mqsisetdbparms command. For more information about the security properties that can be controlled by an MQEndpoint policy, see the MQInput node, MQOutput node, MQReply node, or MQGet node reference topics. For more information about connecting to a secured queue manager, see Connecting to a secured WebSphere MQ queue manager.
For publish/subscribe applications, you can use an MQEndpoint policy to control the connection details for the MQ pub/sub broker. For more information, see Parameter values for the pubsub component.
You can also use the
message flow view to retrieve and update a policy that is attached
to a message flow node. In the navigation tree, expand Message Flows, and select
the name of the message flow, or subflow, you want to view. Select
the Operational Policy tab from the top of
the message flow pane, and the message flow, or subflow, is displayed
in the Node Policies section. If the message
flow, or subflow, includes a node that has an operational policy attached,
the following policy icon is displayed on the upper-right corner of
the node icon: . Click the policy icon to retrieve and update
the policy document.
For information about accessing the web UI, see Accessing the web user interface.
If you create an MQ Service, an MQEndpoint policy document is generated by default from the connection details. When the MQ Service is applied to an MQ message flow node, the MQEndpoint policy document is automatically attached. For more information, see MQ Service.
<policy type="MQEndpoint">
<policyProperties>
<mqConnectionDetailsPolicy>
<connection>CLIENT</connection>
<destinationQueueManagerName>QMGR1</destinationQueueManagerName>
<queueManagerHostname>localhost</queueManagerHostname>
<listenerPortNumber>1414</listenerPortNumber>
<channelName>SYSTEM.DEF.SVRCONN</channelName>
<securityIdentity>SecId</securityIdentity>
<useSSL>true</useSSL>
<SSLPeerName>CN=IIB10*</SSLPeerName>
<SSLCipherSpec>TLS_RSA_WITH_AES_128_CBC_SHA</SSLCipherSpec>
</mqConnectionDetailsPolicy>
</policyProperties>
</policy>