Hello,
One of our MQ customers has requested encryption on our MQ channels and we've never done this before. This is what we believe needs to be done. Can anybody double check that we're not missing the boat. Both our customer and us are on an MVS platform and we plan to use RACF as our certification authority. I'm not sure what the client plans to use. I've asked our security administrator to create our certificates including our distiguished name with the RACDCERT CERTAUTH GENCERT RACF command, create our CHINIT certificates, create our key ring repository, connect our CHINIT to the keyring, and grant access to our CHINIT using the RACF PERMIT command. We also believe that we need to alter our QMGR to include the SSLKEYR (defined with RACF), and alter our CHANNELS to specify the CipherSpecs that we plan to use (RC4_MD5_US).
Is there anything missing and what definitions do we need to do on our end for the customer?
Thanks for the help!!!!
One of our MQ customers has requested encryption on our MQ channels and we've never done this before. This is what we believe needs to be done. Can anybody double check that we're not missing the boat. Both our customer and us are on an MVS platform and we plan to use RACF as our certification authority. I'm not sure what the client plans to use. I've asked our security administrator to create our certificates including our distiguished name with the RACDCERT CERTAUTH GENCERT RACF command, create our CHINIT certificates, create our key ring repository, connect our CHINIT to the keyring, and grant access to our CHINIT using the RACF PERMIT command. We also believe that we need to alter our QMGR to include the SSLKEYR (defined with RACF), and alter our CHANNELS to specify the CipherSpecs that we plan to use (RC4_MD5_US).
Is there anything missing and what definitions do we need to do on our end for the customer?
Thanks for the help!!!!
