Specifying the key repository location for a queue manager

To specify the location of your queue manager's key ring, use the ALTER QMGR MQSC command to set your queue manager's key repository attribute. For example:

ALTER QMGR SSLKEYR(CSQ1RING)
if the key ring is owned by the channel initiator address space, or:
ALTER QMGR SSLKEYR(userid1/CSQ1RING)
if it is a shared key ring,

where userid1 is the user ID that owns the key ring.

Ensuring the CHINIT has access to read the key repository

Ensure your CHINIT user ID has READ access to the IRR.DIGTCERT.LISTRING profile in the FACILITY class by using the following command:

PERMIT IRR.DIGTCERT.LISTRING CLASS(FACILITY) ID(userid) ACCESS(READ)

where userid is the user ID of the channel initiator address space.