SSLPEERNAME

The SSLPEERNAME attribute is used to check the Distinguished Name (DN) of the certificate from the peer queue manager.

In IBM® MQ.NET, applications can use SSLPEERNAME to specify a distinguished name pattern as shown in the following example. 

SSLPEERNAME(CN=QMGR.*, OU=IBM, OU=WEBSPHERE)

As for other IBM MQ clients, SSLPEERNAME is an optional parameter.

If SSLPEERNAME value is not set, the IBM MQ.NET managed client does not do any Remote(Server) certificate validation and the managed client just accepts the Remote(/server) certificate as-is.

The way in which you set SSLPEERNAME depends on which of the IBM MQ stack offerings you are using.
IBM MQ classes for .NET
There are three options as follows.
  1. Set MQEnvironment.SSLPeerName in the MQEnvironment class.
  2. MQEnvironment.properties.Add(MQC.SSL_PEER_NAME_PROPERTY, <value>)
  3. Use the queue manager constructor MQQueueManager (String queueManagerName, Hashtable properties). Supply the SSLPEERNAME in the Hashtable properties as for option 2.
XMS .NET
Set the SSL peer name in the connection factory: 

ConnectionFactory.SetStringProperty(XMSC.WMQ_SSL_PEER_NAME, <value>);
WCF
Include SslPeerName as a semicolon separated field in the URI.