Upgrading clustered queue managers and channels to use SSL
- The first step is to upgrade all queue managers in the cluster
to V5.3 or higher, if they are not already at these levels, and to distribute
the certificates and keys so that SSL works from each of them.
- You then switch the CLUSRCVR channels to SSL in any order you
like (the changes flow in the opposite direction over channels which are not
changed to SSL). Make sure that you do not change the reverse path until
the changes for the current channel have been distributed throughout the
cluster. In other words, change one CLUSRCVR at a time, and allow the changes
to flow through the cluster before changing the next.
- When the CLUSRCVR changes are complete, you should change all
manual CLUSSDR channels to SSL. This does not have any effect on the operation
of the cluster, unless you use the REFRESH CLUSTER command with the REPOS(YES)
option.