Enabling SSL for the unmanaged .NET client
SSL is supported only for client connections. To enable SSL, you must specify the CipherSpec to use when communicating with the queue manager, and this must match the CipherSpec set on the target channel.
MQEnvironment.Hostname = "your_hostname";
MQEnvironment.Channel = "SECURE.SVRCONN.CHANNEL";
MQEnvironment.SSLCipherSpec = "NULL_MD5";
MQEnvironment.SSLKeyRepository = "C:\mqm\key";
MQQueueManager qmgr = new MQQueueManager("your_Q_manager");
See Specifying CipherSpecs for a list of CipherSpecs.
The SSLCipherSpec property can also be set using the MQC.SSL_CIPHER_SPEC_PROPERTY in the hash table of connection properties.
To successfully connect using SSL, the client keystore must be set up with Certificate Authority root certificates chain from which the certificate presented by the queue manager can be authenticated. Similarly, if SSLClientAuth on the SVRCONN channel has been set to MQSSL_CLIENT_AUTH_REQUIRED, the client keystore must contain an identifying personal certificate that is trusted by the queue manager.