Use this task to enable JMS applications running under WebSphere Application Server on z/OS to communicate in client mode with WebSphere MQ using SSL-protected channels with RACF keyrings.
Before you begin
The following publications provide information that you might find useful when working on this task:Why and when to perform this task
To enable JMS applications running under WebSphere Application Server on z/OS to communicate in client mode with WebSphere MQ using SSL-protected channels with RACF keyrings complete the following steps, described in this topic.
When you have completed all the configuration steps, you must stop and restart the WebSphere Application Server Control and Servant regions, and the WebSphere MQ Channel Initiator tasks.
Steps for this task
Note: The personal certificate for the WebSphere MQ channel initiator must have a LABEL of ibmWebSphereMQmmmm where mmmm is the 4-character queue manager name of the target queue manager; for example, for the WebSphere MQ queue manager called MQ01, the LABEL value of the personal certificate must be ibmWebSphereMQMQ01. The LABEL value is case-sensitive.
-Djavax.net.ssl.trustStore=safkeyring:///WASKeyring_name -Djavax.net.ssl.trustStoreType=JCERACFKS -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.keyStore=safkeyring:///WASKeyring_name -Djavax.net.ssl.keyStoreType=JCERACFKS -Djavax.net.ssl.keyStorePassword=password
Where WASKeyring_name is the name of the RACF keyring set for WebSphere Application Server in the preceding steps.
What to do next
Stop and restart the WebSphere Application Server Control and Servant regions, and the WebSphere MQ Channel Initiator tasks.