To set up your SSL installation you must define your channels to use SSL. You must also create and manage your digital certificates. On UNIX(R) systems, Windows(R) systems, and on z/OS, you can perform the tests with self-signed certificates. On i5/OS(TM), Windows systems, and on z/OS, you can work with personal certificates signed by a local CA. For full information about creating and managing certificates, see:
This chapter introduces some of the tasks involved in setting up SSL communications, and provides step-by-step guidance on completing those tasks:
You might also want to test SSL client authentication, which is an optional part of the SSL protocol. During the SSL handshake the SSL client always obtains and validates a digital certificate from the SSL server. With the WebSphere MQ implementation, the SSL server always requests a certificate from the SSL client.
On UNIX, i5/OS, or Windows, the SSL client sends a certificate only if it has one labelled in the correct WebSphere(R) MQ format:
On z/OS, the SSL client sends a certificate only if it has either of the following:
The SSL server always validates the client certificate if one is sent. If the SSL client does not send a certificate, authentication fails only if the end of the channel acting as the SSL server is defined:
For more information, see Task 3: Anonymous queue managers.
Notices |
Downloads |
Library |
Support |
Feedback
![]() ![]() |
c00stts0 |