It can be useful to list the certificates in a registry, for example to
check on their expiry dates. You can do this using methods in the class com.ibm.mqe.attributes.MQeListCertificates.
These are used in the example program examples.certificates.ListWTLSCertificates,
which implements a command-line program that lists certificates.
The program has one compulsory and three optional parameters:
ListWTLSCertificates <reg Name>[<ini file>] [<level>] [<cert names>]
where:
- regName
- is the name of the registry whose certificates are to be listed. It can
be a private registry belonging to a queue manager, a queue or another entity;
it can be a public registry, or (for the administrator) it can be the mini-certificate
server's registry. If you want to list the certificates in a queue's registry,
you must specify its name as <queue manager>+<queue>,
for example myQM+myQueue. If you want to list the certificates
in a public registry, it must have the name MQeNode_PublicRegistry,
it will not work for a public registry with any other name. The name of the
mini-certificate server's registry is MiniCertificateServer.
- ini file
- is the name of a configuration file that contains a section for the registry.
This is typically the same configuration file that is used for the queue manager
or mini-certificate server. For a queue, this is typically the configuration
file for the queue manager that owns the queue. This parameter should be specified
for all registries except public registries, for which it can be omitted.
- level
- is the level of detail for the listing. This can be:
- -b or -brief
- prints the names of the certificate, one name per line
- -n or -normal
- prints the names of the certificates, one per line, followed by their
type (old or new format)
- -f or -full
- prints the names of the certificates, their type, and some of the contents
This parameter is optional and if omitted the "normal" level
of detail is used.
- cert names
- is a list of names of the certificates to be listed. It starts with the
flag -cn followed by names of the certificates, for example: -cn
ExampleQM putQM. If this parameter is used, only the named certificates
are listed. If this parameter is omitted, all the certificates in the registry
are listed.