See information about the latest product version
mqsireloadsecurity command - z/OS
Use the mqsireloadsecurity command on z/OS® to force the immediate expiry of some or all the entries in the security cache.
Syntax
z/OS command - BIPRLSEC
>>-mqsireloadsecurity--| brokerSpec |--+------------------+-----> '- -u --useridList-' >--+-------------------+--------------------------------------->< '- -w --timeoutSecs-' brokerSpec |--+- brokerName ----------------+------------------------------| +- -n --brokerFileName--------+ | .-------------------------. | | V | | '-----+- -i --ipAddress-+---+-' +- -p --port------+ '- -q --qMgr------'
Parameters
- brokerSpec
- You must specify at least one parameter to identify
the target broker for this command, in one of the following forms:
- brokerName
- This parameter identifies the name of a locally defined broker.
- -n brokerFileName
- This parameter identifies the name of a file that contains the connection details for a local broker.
Use this option if multiple users want to connect to the same broker, or if you are using advanced connection parameters such as SSL.
To create this file, right-click the broker in the WebSphere® Message Broker Explorer and select Export *.broker file. When prompted, navigate to the location in which you want to save the file and enter the file name; the extension .broker is appended automatically when you click Save. Include the location (path) and file name when you specify this parameter. You must ensure that the location is accessible when you run this command.
If you want to run a command that uses SSL to administer a remote broker over a secured channel, you must specify the keystore and truststore password for the connection using the IBM_JAVA_OPTIONS environment variable. See Resolving problems when running commands for further information.
- -i ipAddress, -p port, -q qMgr
- These parameters identify the connection details for the broker.
If you specify a queue manager, it must be defined on the local computer.
If you choose this option, you must specify at least one of these three parameters; the order in which you specify them is irrelevant. You cannot specify each parameter more than once.
Parameters that you omit assume default values:
- -i ipAddress: The host name or the IP address of the computer on which the broker is running. If you do not specify this parameter, a value that represents the local computer is used.
- -p port: The TCP port on which the broker's queue manager is listening. If you do not specify this parameter, the value 1414 is used.
- -q qMgr: The name of the broker's queue manager. If you do not specify this parameter, a value that represents the default queue manager on the local computer is used.
- You cannot connect to a remote queue manager on z/OS; see Usage note.
- -u useridList
- (Optional) This parameter reloads all entries in the security cache for the specified list of users (separated by colons). If you do not specify this parameter, all entries in the security cache are reloaded. For cached certificates, this value is the common name element value.
- -w timeoutValue
- (Optional) This parameter specifies the time in seconds that the utility waits to ensure that the command completed; the default value is 60.
Usage note
If you try to connect to a remote broker by specifying the i, p, and q parameters, or by using a connection parameter file (.broker), the command attempts to use WebSphere MQ Java™ client code. This option is not supported on z/OS, and returns the following error:
BIP1046E: Unable to connect with the broker (name)
The reported reason code is MQRC_ENVIRONMENT_ERROR. You must specify a local queue manager.
Examples
mqsireloadsecurity -n BROKER1.broker -u user1
F MQP1BRK,rc
F MQP1BRK,rc u=user1
F MQP1BRK,rc u=user1:user2:user3,w=600