Prior to using queue-based security, MQe-owned authenticatable
entities must have credentials. This is achieved by completing the correct
configuration so that auto-registration of queue managers is triggered. This
requires the following steps:
- Setup and start an instance of MQe mini-certificate issuance service.
- Using MQe_MiniCertificateServer, add the name of the queue manager as
a valid authenticatable entity, and the entity's one-time-use certificate
request PIN.
- Configure MQePrivateClient1.ini and MQePrivateServer1.ini so
that when queue managers are created using SimpleCreateQM, auto-registration
is triggered. This section explains which keywords are required in the registry
section of the ini files, and where to use the entity's one-time-use
certificate request PIN.
Prior to using message-level security to protect messages using MQeMTrustAttribute,
the application must use private registry services to ensure that the initiating
and recipient entities have credentials. This requires the following steps:
- Setup and start an instance of MQe mini-certificate issuance service.
- Add the name of the application entity, and allocate the entity a one-time-use
certificate request PIN.
- Use a program similar to the pseudo-code
fragment below to trigger auto-registration of the application entity . This
creates the entity's credentials and saves them in its private registry.
/* SIMPLE MQePrivateRegistry FRAGMENT*/
try
{
/* setup PrivateRegistry parameters */
String EntityName = "Bruce";
String EntityPIN = "11111111";
Object KeyRingPassword = "It_is_a_secret";
Object CertReqPIN = "12345678";
Object CAIPAddrPort = "9.20.X.YYY:8082";
/* instantiate and activate a
Private Registry. */
MQePrivateRegistry preg = new MQePrivateRegistry( );
preg.activate( EntityName,
/* entity name */
".//MQeNode_PrivateRegistry",
/* directory root */
EntityPIN,
/* private reg access PIN */
KeyRingPassword,
/* private credential keyseed */
CertReqPIN,
/* on-time-use Cert Req PIN */
CAIPAddrPort );
/* addr and port MiniCertSvr */
trace(">>> PrivateRegistry activated OK ...");
}
catch (Exception e)
{
e.printStackTrace( );
}