MQ01: Using LDAP and SSL with WebSphere MQ and MQIPT

Downloadable files


Abstract

Sample LDAP server configuration, SSL certificates and CRLs for use with WebSphere MQ and MQIPT certificate revocation checking.

Download Description

In large organisations, managing the certificates used for SSL authentication can be difficult, especially if the private key corresponding to a certificate becomes compromised. Many people therefore choose to use SSL Certificate Revocation Lists (CRLs) to revoke certificates which are compromised or no longer required.

This SupportPac consists of sample SSL certificates and LDAP CRL configurations. The purpose is to demonstrate how to configure WebSphere MQ to use LDAP CRL checking to manage SSL trust across an organisation.

POSSIBLE USES
Users of MQIPT will also find some useful information on use of LDAP CRLs in their route setup.
The sample SSL certificates and CRLs can be deployed in a customer’s test/QA environment to test this functionality and give administrators practical experience of managing certificates using LDAP and CRLs.

SKILL LEVEL REQUIRED
Users must be familiar with common WMQ administration tasks including channel and queue definition. Also users ideally will have some knowledge of SSL configuration.

DETAILS
Author: Andrew Akehurst, WebSphere MQ L3 Service, Hursley
Category: 2
Released: 28Nov06
Current Version: 1.0
»Please note that the version number shown in the right-hand pane is the version of the MQ or WBI product that this SupportPac applies to. The date is the last webpage refresh.

To view the complete portfolio of WebSphere MQ SupportPacs please visit the WebSphere MQ SupportPacs homepage:
http://www-306.ibm.com/software/integration/support/supportpacs

Prerequisites

An installation of WebSphere MQ 5.3 or later. The sections on MQIPT assume the use of IPT 1.3 or later.

Installation Instructions

Unpack the archive file to a suitable directory.

On Windows:
1. Right-click the ZIP file and select “Extract all” from the pop-up menu.
2. The Extaction Wizard appears. Click the Next button.
3. Choose where to unzip the files and click Next.
4. Press Finish.

On Unix:
1. Create a directory to install the SupportPac files. For example:
mkdir /opt/wmqldap
2. Untar the archive using the following commands:
mv mq01.tar.gz /opt/wmqldap
cd /opt/wmqldap
gunzip -c mq01.tar.gz | tar xvf –

URL LANGUAGE SIZE(Bytes)
mq01.pdf US English 105778

Download package

Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
mq01.zip 28/11/2006 US English 179340 HTTP
mq01.tar.gz 28/11/2006 US English 147414 HTTP
mq01.tar.Z 28/11/2006 US English 241385 HTTP

Technical support

Category 2 SupportPacs are provided in good faith and AS-IS. There is no warranty or further service implied or committed and any supplied sample code is not supported via IBM product service channels.

You may submit a question using the 'rate this page' below but a response is not guaranteed.

Please read the license information contained within the zip file of this SupportPac to determine if you want to use it.

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

WebSphere MQ
SupportPac

Software version:

5.3, 6.0

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Reference #:

4014143

Modified date:

2007-07-06

Translate my page

Machine Translation

Content navigation