White Papers
Abstract
The objective of this technical document is to describe in detail how to configure the connection between a WebSphere Application Server V7 with an IBM MQ Queue Manager using Secured Sockets Layer (SSL).
Content
The focus of this techdoc is to provide the steps and the commands that you need to perform to configure the secured connection, and using self-signed certificates which you can generate for your testing.
The target platforms are these distributed ones: Unix and Windows.
It is not the intention of this document to provide the background and the explanation of what is SSL. Also, this document does not cover advanced features, such as certificate revocation lists or Online Certificate Status Protocol (OCSP), nor other platforms (z/OS, Open VMS, etc).
It is recommended that you perform the tasks in 2 phases because it is easier to narrow down the scope of the problem determination tasks in case that there are problems:
Phase 1) Connect your MDB in WebSphere Application Server using a non-SSL connection with the MQ queue manager.
Phase 2) Once the MDB is able to receive messages successfully, then you can configure the connection to add SSL.
For the Phase 1, the Sample MDB and deployment and testing instructions mentioned in the following techdoc were performed successfully (non SSL connection).
The target platforms are these distributed ones: Unix and Windows.
It is not the intention of this document to provide the background and the explanation of what is SSL. Also, this document does not cover advanced features, such as certificate revocation lists or Online Certificate Status Protocol (OCSP), nor other platforms (z/OS, Open VMS, etc).
It is recommended that you perform the tasks in 2 phases because it is easier to narrow down the scope of the problem determination tasks in case that there are problems:
Phase 1) Connect your MDB in WebSphere Application Server using a non-SSL connection with the MQ queue manager.
Phase 2) Once the MDB is able to receive messages successfully, then you can configure the connection to add SSL.
For the Phase 1, the Sample MDB and deployment and testing instructions mentioned in the following techdoc were performed successfully (non SSL connection).
https://www.ibm.com/support/pages/node/322771
Using WebSphere MQ V7 as JMS Provider for WebSphere Application Server V7, V8.0 and V8.5, and MQ 9.0 for WAS V9.0
Using WebSphere MQ V7 as JMS Provider for WebSphere Application Server V7, V8.0 and V8.5, and MQ 9.0 for WAS V9.0
The Sample MDB is a small but fully functional MDB which is very helpful for testing the connection between WebSphere Application Server and MQ. If the message that is placed in the queue has the text "TESTING", then the MDB will write in the WebSphere Application Server SystemOut.log the following:
+++ SAMPLE MDB: Text Message => TESTING
This document covers all the necessary steps for "Phase 2", in which the successful non-SSL connection is transformed into an SSL connection.
This document concentrates on Activation Specifications, which is the preferred mechanism in WebSphere Application Server. For completeness, information is provided also for Listener Ports which use information from Connection Factories.
The documentation mentioned in the "References" section provide excellent background on what is SSL but these resources do not offer a comprehensive step-by-step procedure that you can easily follow. Thus, the purpose of this techdoc is to fill the gap between the "theory" of those references and the "practice".
The chapters of this document are:
Chapter 1: Configuration for MQ - create queue manager and objects
Chapter 2: Configuration for WebSphere Application Server - non-SSL connection
++ Testing the MDB (using a non-SSL connection)
Chapter 3: Configuration for MQ - create key database and certificates
Chapter 4: Configuration for WebSphere Application Server - create certificate stores and certificates
Chapter 5: Configuration for WebSphere Application Server - server SSL configuration
++ Section 1: Configure SSL Certificate Stores
++ Section 2. SSL Configuration
Chapter 6: Configuration for WebSphere Application Server - JMS SSL configuration and Testing
++ Section 1. Connection Factory
++ Section 2. Activation Specification
++ Section 3: Testing the SSL connection
+++ SAMPLE MDB: Text Message => TESTING
This document covers all the necessary steps for "Phase 2", in which the successful non-SSL connection is transformed into an SSL connection.
This document concentrates on Activation Specifications, which is the preferred mechanism in WebSphere Application Server. For completeness, information is provided also for Listener Ports which use information from Connection Factories.
The documentation mentioned in the "References" section provide excellent background on what is SSL but these resources do not offer a comprehensive step-by-step procedure that you can easily follow. Thus, the purpose of this techdoc is to fill the gap between the "theory" of those references and the "practice".
The chapters of this document are:
Chapter 1: Configuration for MQ - create queue manager and objects
Chapter 2: Configuration for WebSphere Application Server - non-SSL connection
++ Testing the MDB (using a non-SSL connection)
Chapter 3: Configuration for MQ - create key database and certificates
Chapter 4: Configuration for WebSphere Application Server - create certificate stores and certificates
Chapter 5: Configuration for WebSphere Application Server - server SSL configuration
++ Section 1: Configure SSL Certificate Stores
++ Section 2. SSL Configuration
Chapter 6: Configuration for WebSphere Application Server - JMS SSL configuration and Testing
++ Section 1. Connection Factory
++ Section 2. Activation Specification
++ Section 3: Testing the SSL connection
++ Additional Information:
tags: "MQ SSL"; "MQ TLS"; MQSSL; MQTLS
tags: "MQ SSL"; "MQ TLS"; MQSSL; MQTLS
+++ end +++
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"ARM Category":[{"code":"a8m50000000Cd8dAAC","label":"WebSphere Application Server traditional-All Platforms-\u003ESIB JMS-JMS-MQ RA - JMS general"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Type":"MASTER"},{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008PuAAI","label":"Java-\u003EJava EE RA (WebSphere)"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Product Synonym
WebSphere MQ WMQ WebSphere Application Server WAS
Was this topic helpful?
Document Information
Modified date:
30 October 2023
UID
swg27021934