To complete this task, follow these steps:
On both QMA and QMB, ensure the key repository is correctly set up:
On both QMA and QMB, create certificate requests:
On both QMA and QMB, add the CA's certificate to the queue manager's key repository:
When the signed personal certificate is sent to you by the CA, add the relevant certificate to the queue manager's key repository (on both QMA and QMB):
On QMA you need to define a sender channel and the transmission is uses:
DEFINE CHANNEL(TO.QMB) CHLTYPE(SDR) TRPTYPE(TCP) CONNAME(QMB.MACH.COM) XMITQ(QMB) SSLCIPH(RC2_MD5_EXPORT) DESCR('Sender channel using SSL from QMA to QMB') DEFINE QLOCAL(QMB) USAGE(XMITQ)
On QMB, you need to define a receiver channel:
DEFINE CHANNEL(TO.QMB) CHLTYPE(RCVR) TRPTYPE(TCP) SSLCIPH(RC2_MD5_EXPORT) SSLCAUTH(REQUIRED) DESCR('Receiver channel using SSL to QMB')
Now that you have completed all the definitions, if you have not already done so, start the channel initiator on WebSphere(R) MQ for z/OS and, on all platforms, start a listener program on QMB. The listener program listens for incoming network requests and starts the receiver channel when it is needed. For information on how to start a listener, see the WebSphere MQ: Intercommunication manual.
If the channel initiator was already running (on z/OS) or if any SSL channels have run previously, you need to issue a REFRESH SECURITY TYPE(SSL) command. This ensures that all the changes made to the key repository are available.
Start the channel on QMA:
START CHANNEL(TO.QMB)
Notices |
Downloads |
Library |
Support |
Feedback
![]() ![]() |
csqzas0214 |