# Start queue managers
```bash
docker run --name qm1 --env LICENSE=accept --env MQ_QMGR_NAME=QM1 --publish 1414:1414 --publish 9443:9443 --volume ./certs:/certs --detach icr.io/ibm-messaging/mq:latest
docker run --name qm2 --env LICENSE=accept --env MQ_QMGR_NAME=QM2 --publish 1415:1414 --publish 9444:9443 --volume ./certs:/certs --detach icr.io/ibm-messaging/mq:latest
```

# Login to a container
```bash
docker exec -it qm1 /bin/bash
```

# Creates a PKCS #12 key repository file
```bash
runmqakm -keydb -create -db qm1.p12 -pw password -type pkcs12
runmqakm -keydb -create -db qm2.p12 -pw password -type pkcs12
```

# create a self-signed personal certificate
```bash
runmqakm -cert -create -db qm1.p12 -pw password -label qm1 -dn "CN=qm1dn" -size 512 -x509version 3 -expire 365 -fips -sig_alg SHA1WithRSA
runmqakm -cert -create -db qm2.p12 -pw password -label qm2 -dn "CN=qm2dn" -size 512 -x509version 3 -expire 365 -fips -sig_alg SHA1WithRSA
```

# Extracting the public part of a self-signed certificate from a key repository
```bash
runmqakm -cert -extract -db qm1.p12 -pw password -label qm1 -target qm1pub.crt -format ascii -fips
runmqakm -cert -extract -db qm2.p12 -pw password -label qm2 -target qm2pub.crt -format ascii -fips
```

# Adding a CA certificate, or the public part of a trusted certificate, into a key repository
```bash
runmqakm -cert -add -db qm1.p12 -pw password -label qm2 -file qm2pub.crt -format ascii -fips
runmqakm -cert -add -db qm2.p12 -pw password -label qm1 -file qm1pub.crt -format ascii -fips
```