Ensuring security in any cloud-based software service is always of maximum importance. 

IBM MQ on Cloud is continually working on maintaining a reliable and secure environment. As part of our continual rollout of queue manager upgrades, we are always looking for ways to improve the experience for our users, ensuring security of queue managers and that data is never compromised.

TLS enabled by default on all new MQ on Cloud queue managers

TLS security will now be enabled by default on both of the predefined application channels on all MQ on Cloud queue managers running version 9.2.2 revision 1 or above. The predefined channels ‘CLOUD.ADMIN.SVRCONN’ and ‘CLOUD.APP.SVRCONN’ are now configured to use SSL cipher specification ‘ANY_TLS12_OR_HIGHER’. All applications connecting to a queue manager using a TLS-enabled channel must trust the Let’s Encrypt CA certificate from the queue manager in order to successfully connect. 

How to connect admin applications to a TLS-enabled queue manager

To connect using an administration client, such as MQ Explorer or runmqsc, you will need some additional configuration to connect via the predefined channels.

Here are links to relevant topics that will walk you through how to connect administrative applications to your cloud queue manager using TLS:

How to connect client applications to a TLS-enabled queue manager

Connecting an application securely to an MQ on Cloud queue manager requires additional configuration. In the MQ on Cloud documentation, we have provided guides on how to connect an MQ sample application and examples for how to configure a JMS application using TLS.

Configuring new channels to use TLS

When configuring additional application channels, it is highly recommended to use TLS channels in order to protect credentials and data between applications and queue managers. It is, therefore, strongly advised that if you create user-defined channels in your MQ on Cloud queue manager, to consider enabling TLS on them and following our detailed guides on how to configure your applications to form a secure connection.

Details on how to configure TLS on userdefined channels.


More from Announcements

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…

See what’s new in SingleStoreDB with IBM 8.0

3 min read - Despite decades of progress in database systems, builders have compromised on at least one of the following: speed, reliability, or ease. They have two options: one, they could get a document database that is fast and easy, but can’t be relied on for mission-critical transactional applications. Or two, they could rely on a cloud data warehouse that is easy to set up, but only allows lagging analytics. Even then, each solution lacks something, forcing builders to deploy other databases for…