It can be useful to list the certificates in a registry, for example to
check on their expiry dates. You can do this using methods in the class
com.ibm.mqe.attributes.MQeListCertificates.
These are used in the example program
examples.certificates.ListWTLSCertificates, which implements a
command-line program that lists certificates.
The program has one compulsory and three optional parameters:
ListWTLSCertificates <reg Name>[<ini file>] [<level>] [<cert names>]
where:
- regName
- is the name of the registry whose certificates are to be listed. It
can be a private registry belonging to a queue manager, a queue or another
entity; it can be a public registry, or (for the administrator) it can be
the mini-certificate server's registry. If you want to list the
certificates in a queue's registry, you must specify its name as
<queue manager>+<queue>, for example
myQM+myQueue. If you want to list the certificates in a
public registry, it must have the name MQeNode_PublicRegistry, it
will not work for a public registry with any other name. The name of
the mini-certificate server's registry is
MiniCertificateServer.
- ini file
- is the name of a configuration file that contains a section for the
registry. This is typically the same configuration file that is used
for the queue manager or mini-certificate server. For a queue, this is
typically the configuration file for the queue manager that owns the
queue. This parameter should be specified for all registries except
public registries, for which it can be omitted.
- level
- is the level of detail for the listing. This can be:
- -b or -brief
- prints the names of the certificate, one name per line
- -n or -normal
- prints the names of the certificates, one per line, followed by their type
(old or new format)
- -f or -full
- prints the names of the certificates, their type, and some of the contents
This parameter is optional and if omitted the "normal" level of detail is
used.
- cert names
- is a list of names of the certificates to be listed. It starts with
the flag -cn followed by names of the certificates, for
example: -cn ExampleQM putQM. If this parameter is
used, only the named certificates are listed. If this parameter is
omitted, all the certificates in the registry are listed.
© IBM Corporation 2002. All Rights Reserved