WebSphere WebSphere Application Server Network Deployment, Version 6.1.x Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

Securing connections to a WebSphere MQ network

This topic describes the choice of connections to a WebSphere MQ network to meet differing security requirements.

Connections between a WebSphere Application Server and a WebSphere MQ network may utilize the Secure Sockets Layer (SSL) protocol to increase the confidentiality and integrity of messages transferred between a messaging engine on a service integration bus and WebSphere MQ.

By default, new application servers are configured to accept inbound WebSphere MQ connections through two inbound transport chains. To read about inbound transport chains, see Inbound transport options. One of these chains is configured to accept SSL-based connections, making it possible to configure a sender channel in the WebSphere MQ network to connect through this channel chain and establish an SSL-based connection (information about securing WebSphere MQ sender channels can be found in the book WebSphere MQ Security, SC34-6079). Because all WebSphere MQ interoperation resources hosted by an application server can be contacted by all inbound MQ transports defined to that server, take care to restrict the inbound transports that are enabled. This is important because the default application server configuration has definitions for inbound WebSphere MQ transports that are not secured using SSL. To read about secure transport considerations see Secure transport considerations).

When connecting a WebSphere Application Server to a WebSphere MQ queue manager through a WebSphere MQ link sender channel definition, you may choose to secure the link through SSL. This is achieved by specifying a suitable transport chain for the "Transport chain" property of the WebSphere MQ link sender channel definition. The name of the default SSL-based outbound transport chain suitable for securing a WebSphere MQ link sender channel is "OutboundSecureMQLink". To read about outbound transport chains, see Outbound transport options.


Concept topic

Terms of use | Feedback


Timestamp icon Last updated: 26 February 2009
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.pmc.nd.multiplatform.doc/concepts/cjc0097_.html

Copyright IBM Corporation 2004, 2009. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)