Open 344271 opened 3 years ago
Creating keystores is fully described in the MQ documentation. See for example this page in the KnowledgeCentre
If it's useful, there is a similar set of instructions in the nextdoor "Golang JMS" repo (programming interface that layers on top of this one) that talks about how to set up your own keystore. That is talking in the context of running one of the test case files, but the steps are equivalent for your own application; https://github.com/ibm-messaging/mq-golang-jms20/tree/master/tls-samples
The keystore file contents are the same whether you use them from Golang via this MQI style interface or via the "JMS" style interface.
Thanks a lot, Mark. But I am not sure how to use strmqikm (iKeyman) GUI and execute command runmqckm. The link has a lot of info and I am not sure how to start executing the steps. Please guide.
There's also more general getting started with MQ and TLS information here: https://developer.ibm.com/components/ibm-mq/tutorials/mq-secure-msgs-tls/ (pick the second option of C/Golang, not Java)
And this may be of help if you're looking for mutual TLS: https://stackoverflow.com/questions/63259241/pymqi-connecting-to-ibm-mq-with-ssl (this is for Python, but that's conceptually similar)
Hello Team,
I have added the certificates to the key repository. But I am now getting an MQRC 2539 error.
Here's is my go code.
var qMgrName string
resp := true
cno := ibmmq.NewMQCNO()
cd := ibmmq.NewMQCD()
sco := ibmmq.NewMQSCO()
cd.ChannelName = channel
qMgrName = Manager
cd.ConnectionName = future.test
cd.SSLCipherSpec =TLS_RSA_WITH_AES_128_CBC_SHA256
sco.KeyRepository= ./key
cno.ClientConn = cd
cno.SSLConfig = sco
cno.Options = ibmmq.MQCNO_CLIENT_BINDING
MQManager, err = ibmmq.Connx(qMgrName, cno)
if err == nil {
resp = true
} else {
resp = false
}
Am I missing any extra parameter here.
Please can you advise how I can resolve this error.
Please include the following information in your ticket.
Hello There, I am referring to the code in the link https://github.com/ibm-messaging/mq-golang/blob/master/samples/amqsconntls.go
I have a question here, could you please let know how to set up the certificates in the Keystore. Need detailed steps on this please.
sco.KeyRepository = "./mykey"