rasmus/mq-self-signed-tls-example
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3a51dc2b4a7395d2d3a28ece40e0bce910bd525
mq-self-signed-tls-example/readme.md
Rasmus Lauritsen d3a51dc2b4 first commit
2025-03-24 22:39:15 +01:00

1.5 KiB
Raw Blame History

Start queue managers

docker run --name qm1 --env LICENSE=accept --env MQ_QMGR_NAME=QM1 --publish 1414:1414 --publish 9443:9443 --volume ./certs:/certs --detach icr.io/ibm-messaging/mq:latest
docker run --name qm2 --env LICENSE=accept --env MQ_QMGR_NAME=QM2 --publish 1415:1414 --publish 9444:9443 --volume ./certs:/certs --detach icr.io/ibm-messaging/mq:latest

Login to a container

docker exec -it qm1 /bin/bash

Creates a PKCS #12 key repository file

runmqakm -keydb -create -db qm1.p12 -pw password -type pkcs12
runmqakm -keydb -create -db qm2.p12 -pw password -type pkcs12

create a self-signed personal certificate

runmqakm -cert -create -db qm1.p12 -pw password -label qm1 -dn "CN=qm1dn" -size 512 -x509version 3 -expire 365 -fips -sig_alg SHA1WithRSA
runmqakm -cert -create -db qm2.p12 -pw password -label qm2 -dn "CN=qm2dn" -size 512 -x509version 3 -expire 365 -fips -sig_alg SHA1WithRSA

Extracting the public part of a self-signed certificate from a key repository

runmqakm -cert -extract -db qm1.p12 -pw password -label qm1 -target qm1pub.crt -format ascii -fips
runmqakm -cert -extract -db qm2.p12 -pw password -label qm2 -target qm2pub.crt -format ascii -fips

Adding a CA certificate, or the public part of a trusted certificate, into a key repository

runmqakm -cert -add -db qm1.p12 -pw password -label qm2 -file qm2pub.crt -format ascii -fips
runmqakm -cert -add -db qm2.p12 -pw password -label qm1 -file qm1pub.crt -format ascii -fips
Reference in New Issue View Git Blame Copy Permalink