setmqweb remote (set mqweb server remote queue manager configuration)

To set the WLP_USER_DIR environment variable, enter the following command:

export WLP_USER_DIR=WLP_user_directory

where WLP_user_directory is the name of the directory that is passed to crtmqweb. For example:

export WLP_USER_DIR=/var/mqm/web/installation1

The user ID running the command needs write access to the following directories:

• WLP_user_directory and its subdirectories.
• /tmp or to another directory that is referenced by the TMPDIR variable. If you do not have access to /tmp, the command fails with message FSUMF315 Cannot define temporary file. If you need to set the TMPDIR variable, issue the following command in the z/OS UNIX shell: export TMPDIR=user_directory

add

Add an entry to the remote queue manager connection information instead of editing an existing entry.

-group

Whether this remote queue manager connection is part of a queue manager group.

This option can be used only when adding a new remote queue manager connection, and is valid only for the messaging REST API.

-uniqueName uniqueID

A unique name for the remote queue manager connection. This is the name that appears in the IBM MQ Console.

Use a name that makes it clear that the queue manager is remote. For example, if you are specifying a unique name for remote connections to queue manager QM2, you could specify the remote name "remote-QM2".

The unique name must be specified in the following cases:

• To add a new remote queue manager connection when a queue manager with the same name might already exist in the remote queue manager connection information. In this case you must also specify the -qmgrName parameter to specify the queue manager that you are creating a unique name for.
• To delete a remote queue manager connection that has a unique name.
• To modify a remote queue manager connection that has a unique name.

-qmgrName qmgrName

The name of the queue manager to add or update.

This parameter must be specified to add a new remote queue manager connection. The name appears as remote_qmgrName in the IBM MQ Console.

-sf keyfilePath

The location of the key file that contains the initial encryption key that is used to encrypt the passwords that are stored in the remote queue manager connection information.

The initial key is a file that must contain a single line of at least one character. However, you should use a key that is at least 16 characters. For example, your initial key file might contain the following encryption key:

Th1sIs@n3Ncypt|onK$y

Ensure that your key file is adequately protected by using the operating system permissions, and that the encryption key is unique to the key file.

If you do not provide a key file, a default key is used.

You can also provide the path to the key file by using the MQS_REMOTE_KEYFILE environment variable.

-jsonkey value|-d|-i

jsonkey

The name of the property to add, update, or remove. To add or update a value, specify the value after the jsonkey property. To delete a value, specify the -d flag after the jsonkey property.

You can add, update, or remove two types of properties. The first type are global properties that you can set with the setmqweb remote command without specifying a queue manager name or unique name. The second type are properties that are specific to a single remote queue manager connection. These properties can be set with the setmqweb remote command only if you also specify a queue manager name, a unique name, or both.

The following values are valid jsonkey values that you must specify without a queue manager name or unique name in the setmqweb remote command:

globalTrustStorePath

The path to the truststore JKS file. This truststore is used for all remote connections unless it is overridden by specific remote queue manager connection information in the trustStorePath entry.

The value for this jsonkey is a string value.

globalTrustStorePassword

The password for the global truststore.

The value for this jsonkey is a string value, and it is encrypted in the remote queue manager connection information.

globalKeyStorePath

The path to the keystore JKS file. This keystore is used for all remote connections unless it is overridden by a specific remote queue manager connection information in the keyStorePath entry.

globalKeyStorePassword

The password for the global keystore.

The value for this jsonkey is a string value, and it is encrypted in the remote queue manager connection information.

The following values are valid jsonkey values that require you to specify a queue manager name or unique name in the setmqweb remote command:

ccdtURL

The path to the CCDT file that is associated with the remote queue manager.

The value for this jsonkey is a string value.

username

The username that is used for the remote queue manager connection.

The value for this jsonkey is a string value.

password

The password that is associated with the username that is used for the remote queue manager connection.

The value for this jsonkey is a string value, and it is encrypted in the remote queue manager connection information.

enableMutualTLS

Whether this remote queue manager connection adds a keystore to enable mutual TLS.

The value for this jsonkey is a Boolean value.

keyStorePath

The path to the keystore JKS file.

The value for this jsonkey is a string value, and it overrides the global keystore value.

keyStorePassword

The password for the keystore file.

The value for this jsonkey is a string value, and it is encrypted in the remote queue manager connection information.

trustStorePath

The path to the truststore JKS file.

The value for this jsonkey is a string value, and it overrides the global truststore value.

trustStorePassword

The password for the truststore file.

The value for this jsonkey is a string value, and it is encrypted in the remote queue manager connection information.

visibility

Whether this remote queue manager connection can be used by the messaging REST API, the IBM MQ Console, or both.

The value for this jsonkey can be one of the following values:

messaging

The queue manager connection can be used only by the messaging REST API.

console

The queue manager connection can be used only by the IBM MQ Console.

messaging,console

The queue manager connection can be used by either the messaging REST API or the IBM MQ Console.

The value for this jsonkey is a string value. The default value is messaging,console.

value

The value of the JSON key entry to add or update.

The values are case-sensitive and must be enclosed in double quotation marks.

-d

Delete the specified property from the remote connection information.

-i

Enable interactive mode for the specified JSON key entry. You are then prompted for the JSON key value as the command runs.

-d

Delete the connection information for the queue manager with the specified unique name.

-r

Reset and remove all remote connection information.

-l

Enable verbose logging. Diagnostic information is written to an mqweb server log file.

The following example sets the path to the global keystore for remote queue manager connections:

setmqweb remote -globalTrustStorePath "c:\supersecure\keys.jks"

The following example creates a new entry for a queue manager, QM2, in the remote queue manager connection information. The example sets the CCDT URL, a username and password to use with the connection, and a keystore path:

setmqweb remote add -qmgrName "QM2" -ccdtURL "c:\myccdts\cdt.json" -username "user" -password "password" -keyStorePath "c:\supersecure\keys.jks"

The following example creates a new entry for a different queue manager that is also named QM2, and specifies a unique name to differentiate between the two QM2 queue managers. The example sets the CCDT URL, a username, and a password. The example uses the -i option to interactively enter the password that is associated with the username when the command runs:

setmqweb remote add -uniqueName qm2remote -qmgrName "QM2" -ccdtURL "c:\myccdts\cdt.json" -username "mqadmin" -password -i