Using IBM MQ AMS with IBM MQ Managed File Transfer
This scenario explains how to configure IBM® MQ Advanced Message Security to provide message privacy for data being sent through an IBM MQ Managed File Transfer.
Before you begin
If your IBM MQ Managed File Transfer agents are connecting in bindings mode, ensure you also have the IBM Global Security Kit (GSKit) component installed on their local installation.
About this task
In this scenario
we consider a simple topology comprising one machine with two IBM MQ Managed File
Transfer queues and two agents, AGENT1
and
AGENT2
, sharing a single queue manager, as described in the scenario Scenario overview. Both agents
connect in the same way, either in bindings mode or client mode.
1. Creating certificates
Before you begin
ftagent
in a group
FTAGENTS
is used to run the IBM MQ Managed File
Transfer
agent processes. If you are using your own user and group names, change the commands accordingly. About this task
Note:
- If your IBM MQ Managed File Transfer agents are running in bindings mode, the commands that you use to create a CMS (Cryptographic Message Syntax) keystore are detailed in the Quick Start Guide ( Windows or UNIX ) for your platform.
- If your IBM MQ Managed File Transfer agents are running in client mode, the commands you will need to create a JKS ( Java Keystore) are detailed in the Quick Start Guide for IBM MQ AMS with Java clients.
Procedure
2. Configuring message protection
About this task
AGENT2
,
using the setmqspl command. In this scenario the same user is used to start both
agents, and therefore the signer and receiver DN are the same and match the certificate we
generated. Procedure
Results
AGENT1
to
AGENT2
, and the file contents will be transmitted securely between the two agents.