SSL security and IIB

Create new keystore:
keytool -genkey -alias {server name} -keystore {keystore name}.jks -keysize 2048

Import certificate into key store:
keytool -import -alias {name} -file {certificate file} -keystore {keystore name}

List verbose contents of the keystore:
keytool -list -v -keystore {keystore name}

Delete alias from keystore:
keytool -delete -alias {name} -keystore {keystore name}

set truststoreFile, truststorePassword, truststoreType on integration server (not broker, if you want broker use -o BrokerRegistry)
mqsichangeproperties {broker name} -o ComIbmJVMManager -e {integration server name} -n {property name} -v {property value}

In case you get No X509TrustManager implementation available exception, probably the problem is broker or integration server can’t find path to truststore, or you have incompatible truststore created.
In case you get the trustAnchors must be non-empty exception, your trust store is either empty, or you have incorrect password, or you don’t have correct certificate to perform handshake


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s