Securing connections to an IBM MQ network

Connections between a WebSphere® Application Server and a IBM MQ network can use the Secure Sockets Layer (SSL) protocol to increase the confidentiality and integrity of messages transferred between a messaging engine on a service integration bus and IBM MQ.

By default, new application servers are configured to accept inbound IBM MQ connections through two inbound transport chains. To read about inbound transport chains, see Inbound transport options. One of these chains is configured to accept SSL-based connections, making it possible to configure a sender channel in the IBM MQ network to connect through this channel chain and establish an SSL-based connection. For more information about securing IBM MQ sender channels, see the Security section of the IBM MQ information center. All IBM MQ interoperation resources hosted by an application server can be contacted by all inbound IBM MQ transports defined to that server, so you should restrict the inbound transports that are enabled. This is important because the default application server configuration has definitions for inbound IBM MQ transports that are not secured using SSL. For more information, see Secure transport configuration requirements).

When connecting a WebSphere Application Server to a IBM MQ queue manager or (for IBM MQ for z/OS®) queue sharing group through a IBM MQ 鏈結 sender channel definition, you might choose to secure the link through SSL. This is achieved by specifying a suitable transport chain for the Transport chain property of the IBM MQ 鏈結 sender channel definition. The name of the default SSL-based outbound transport chain suitable for securing a IBM MQ 鏈結 sender channel is OutboundSecureMQLink. For more information, see Outbound transport options.


指出主題類型的圖示 概念主題



時間戳記圖示 前次更新: July 9, 2016 11:10
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=cjc0097_
檔名:cjc0097_.html