Accessing CRLs and ARLs using WebSphere MQ Explorer

 

Note that in this section, information about Certificate Revocation Lists (CRLs) also applies to Authority Revocation Lists (ARLs).

We can use WebSphere MQ Explorer to tell a queue manager how to access CRLs.

Use the following procedure to set up an LDAP connection to a CRL:

1. Ensure that you have started your queue manager.

2. In WebSphere MQ Explorer, expand the Advanced folder of your queue manager.

3. Right-click the Authentication Information folder and click New -> Authentication Information. In the property sheet that opens:

   1. On the first page Create Authentication Information, enter a name for the CRL(LDAP) object.

   2. On the General page of Change Properties, select the connection type. Optionally we can enter a description.

   3. Select the CRL(LDAP) page of Change Properties.

   4. Enter the LDAP server name as either the network name or the IP address.

   5. If the server requires login details, provide a user ID and if necessary a password.

   6. Click OK.

4. Right-click the Namelists folder and click New -> Namelist. In the property sheet that opens:

   1. Type a name for the namelist.

   2. Add the name of the CRL(LDAP) object (from step 3.a) to the list.

   3. Click OK.

5. Right-click the queue manager, select Properties, and select the SSL page:

   1. Select the Check certificates received by this queue manager against Certification Revocation Lists check box.

   2. Type the name of the namelist (from step 4.a) in the CRL Namelist field.

 

Parent topic:

Accessing CRLs and ARLs with a queue manager

sy12730_