Accessing CRLs and ARLs with an IBM MQ MQI client
You have three options for specifying the LDAP servers that hold CRLs for checking by an IBM® MQ MQI client.
Note that in this section, information about Certificate Revocation Lists (CRLs) also applies to Authority Revocation Lists (ARLs).
The three ways of specifying the LDAP servers are as follows:
- Using a channel definition table
- Using the SSL configuration options structure, MQSCO, on an MQCONNX call
- Using the Active Directory (on Windows systems with Active Directory support)
You can include up to 10 connections to alternative LDAP servers to ensure continuity of service if one or more LDAP servers fail. Note that the LDAP servers must contain identical information.
You cannot access LDAP CRLs from an IBM MQ MQI client channel running on Linux® ( zSeries platform).