Friday, 17 June 2016

Zero to SSL in under 5 minutes

Starting with a Linux VM and no defined queue managers, it is possible to create two queue managers, define their respective listeners, transmission queues and channel pairs, generate two QMgr certificates, exchange the certificates, start the channels and send messages across, all in under 5 minutes. Note that this results in mutually authenticated peer-checked SSL channels, which we can run without disabling any of the out-of-the-box security provided by MQ.

Here are the commands that I used during the video:

    crtmqm ASH
    strmqm ASH
    crtmqm BIRCH
    strmqm BIRCH

    runmqsc ASH
    DEF LISTENER(TCP.1414) TRPTYPE(TCP) CONTROL(QMGR) PORT(1414) REPLACE
    START LISTENER(TCP.1414)
    DEF QL(BIRCH) USAGE(XMITQ) TRIGGER INITQ(SYSTEM.CHANNEL.INITQ) REPLACE
    DEF CHL(ASH.BIRCH) CHLTYPE(SDR) TRPTYPE(TCP) XMITQ(BIRCH) SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') CONNAME('127.0.0.1(1415)') REPLACE
    DEF CHL(BIRCH.ASH) CHLTYPE(RCVR) TRPTYPE(TCP) MCAUSER(' ') SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') SSLCAUTH(REQUIRED) SSLPEER('CN=BIRCH') REPLACE

    runmqsc BIRCH
    DEF LISTENER(TCP.1415) TRPTYPE(TCP) CONTROL(QMGR) PORT(1415) REPLACE
    START LISTENER(TCP.1415)
    DEF QL(ASH) USAGE(XMITQ) TRIGGER INITQ(SYSTEM.CHANNEL.INITQ) REPLACE
    DEF CHL(BIRCH.ASH) CHLTYPE(SDR) TRPTYPE(TCP) XMITQ(ASH) SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') CONNAME('127.0.0.1(1414)') REPLACE
    DEF CHL(ASH.BIRCH) CHLTYPE(RCVR) TRPTYPE(TCP) MCAUSER(' ') SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') SSLCAUTH(REQUIRED) SSLPEER('CN=ASH') REPLACE

    cd /var/mqm/qmgrs/ASH/ssl
    runmqakm -keydb -create -db key.kdb -pw passw0rd -stash
    runmqakm -cert -create -db key.kdb -label ibmwebspheremqash -stashed -size 2048 -sigalg SHA512WithRSA -dn CN=ASH
    runmqakm -cert -extract -db key.kdb -label ibmwebspheremqash -file ash.arm -stashed

    cd /var/mqm/qmgrs/BIRCH/ssl
    runmqakm -keydb -create -db key.kdb -pw passw0rd -stash
    runmqakm -cert -create -db key.kdb -label ibmwebspheremqbirch -stashed -size 2048 -sigalg SHA512WithRSA -dn CN=BIRCH
    runmqakm -cert -extract -db key.kdb -label ibmwebspheremqbirch -file birch.arm -stashed

    runmqakm -cert -add -db key.kdb -label "ASH" -file /var/mqm/qmgrs/ASH/ssl/ash.arm -format ascii -stashed
    runmqakm -cert -add -db /var/mqm/qmgrs/ASH/ssl/key.kdb -label "BIRCH" -file birch.arm -format ascii -stashed

    # Open a new window
    # Run the amqsget in one window
    /opt/mqm/samp/bin/amqsget SYSTEM.DEFAULT.LOCAL.QUEUE BIRCH

    # And the amqsput in another window
    /opt/mqm/samp/bin/amqsput SYSTEM.DEFAULT.LOCAL.QUEUE ASH 8208 0 BIRCH
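
As an added example (not part of the original post and not IBM code), this Python lint checks the channel definitions above for the property the post claims: every receiver pairs with a sender on the other queue manager using the same SSLCIPH, sets SSLCAUTH(REQUIRED), and has an SSLPEER naming the sender. It assumes each certificate DN is exactly CN=<queue manager name>, as created above; the names `POST`, `WEAK`, `parse` and `audit` are made up for this illustration, and `WEAK` is a constructed variant.

```python
import re

# Channel definitions copied from the post, keyed by the queue manager they run on.
POST = {
    "ASH": """
DEF CHL(ASH.BIRCH) CHLTYPE(SDR) TRPTYPE(TCP) XMITQ(BIRCH) SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') CONNAME('127.0.0.1(1415)') REPLACE
DEF CHL(BIRCH.ASH) CHLTYPE(RCVR) TRPTYPE(TCP) MCAUSER(' ') SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') SSLCAUTH(REQUIRED) SSLPEER('CN=BIRCH') REPLACE
""",
    "BIRCH": """
DEF CHL(BIRCH.ASH) CHLTYPE(SDR) TRPTYPE(TCP) XMITQ(ASH) SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') CONNAME('127.0.0.1(1414)') REPLACE
DEF CHL(ASH.BIRCH) CHLTYPE(RCVR) TRPTYPE(TCP) MCAUSER(' ') SSLCIPH('TLS_RSA_WITH_AES_128_CBC_SHA') SSLCAUTH(REQUIRED) SSLPEER('CN=ASH') REPLACE
""",
}
# Constructed variant: BIRCH's receiver no longer demands or checks a peer certificate.
WEAK = dict(POST, BIRCH=POST["BIRCH"].replace(
    "SSLCAUTH(REQUIRED) SSLPEER('CN=ASH')", "SSLCAUTH(OPTIONAL)"))

# KEY(value); a quoted value may itself contain parentheses, e.g. CONNAME('host(port)').
ATTR = re.compile(r"(\w+)\(('[^']*'|[^()]*)\)")

def parse(script):
    """Return one attribute dict per DEF CHL line of an MQSC script."""
    return [{k: v.strip("'") for k, v in ATTR.findall(line)}
            for line in script.splitlines() if line.upper().startswith("DEF CHL(")]

def audit(defs):
    """List findings for receivers that are not mutually authenticated and peer-checked."""
    chans = [(qm, c) for qm, script in defs.items() for c in parse(script)]
    findings = []
    for qm, rcvr in chans:
        if rcvr["CHLTYPE"] != "RCVR":
            continue
        name = rcvr["CHL"]
        sdr = next(((q, c) for q, c in chans
                    if q != qm and c["CHL"] == name and c["CHLTYPE"] == "SDR"), None)
        if sdr is None:
            findings.append(f"{qm}/{name}: no sender of that name on another queue manager")
            continue
        sqm, s = sdr
        if not rcvr.get("SSLCIPH") or rcvr.get("SSLCIPH") != s.get("SSLCIPH"):
            findings.append(f"{qm}/{name}: SSLCIPH missing or different from sender on {sqm}")
        if rcvr.get("SSLCAUTH") != "REQUIRED":
            findings.append(f"{qm}/{name}: SSLCAUTH is not explicitly REQUIRED")
        if rcvr.get("SSLPEER") != f"CN={sqm}":
            findings.append(f"{qm}/{name}: SSLPEER does not pin CN={sqm}")
    return findings

if __name__ == "__main__":
    for label, defs in (("post", POST), ("weakened", WEAK)):
        print(label, audit(defs) or "OK")
```

The SSLPEER comparison here is an exact string match; MQ's own SSLPEER matching also accepts wildcards and multi-attribute DNs, which this check does not model.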