Accessing CRLs and ARLs with a WebSphere MQ client
Note that in this section, information about Certificate Revocation Lists (CRLs) also applies to Authority Revocation Lists (ARLs).
You have three options for specifying the LDAP servers that hold CRLs for checking by a WebSphere MQ client:
- Using a channel definition table
- Using the SSL configuration options structure, MQSCO, on an MQCONNX call
- Using the Active Directory (on Windows systems with Active Directory support)
For more information, refer to the WebSphere MQ Clients book, the Application Programming Reference, and the setmqcrl command in the WebSphere MQ System Administration Guide.
We can include up to 10 connections to alternative LDAP servers to ensure continuity of service if one or more LDAP servers fail. Note that the LDAP servers must contain identical information.
We cannot access LDAP CRLs from a WebSphere MQ client channel running on Linux (zSeries platform).
Parent topic:
Accessing CRLs and ARLs
sy12740_