Configuring Advanced Message Security for z/OS
Use these topics as a step by step guide for configuring Advanced Message Security (AMS).
Before you begin
- From IBM® MQ for z/OS® 9.1.3 onwards, ignore
For versions of IBM MQ for z/OS prior to IBM MQ 9.1.3, APF authorize the library thqual.SDRQAUTH, as described in APF authorize the IBM MQ load libraries.
- Add the CSQ0DRTM module to the LPA, as described in Update the z/OS link list and LPA.
- Add an entry for CSQ0DSRV to the z/OS program properties table (PPT), as described in Update the z/OS program properties table.
- Include the CSQ4INSM member in the CSQINP2 concatenation of queue manager started task procedure, as described in Customize the initialization input data sets.
- For versions of IBM MQ for z/OS prior to
IBM MQ 9.1.3, include the thqual.SDRQAUTH library in the
queue manager STEPLIB concatenation, as described in Create procedures for the IBM MQ queue manager.
From IBM MQ for z/OS 9.1.3 onwards, you can enable AMS using the AMSPROD attribute. See product usage recording with IBM MQ for z/OS products for more details.
What to do next
Configure policies for queues protected by AMS. Security policies are described in Administering Advanced Message Security security policies.
There are examples of AMS configurations in Example configurations on z/OS.