Security stanza of the client configuration file

Use the Security stanza to disable or enable AMS for client connections to a queue manager.

Note: The description of each attribute of this stanza indicates which IBM® MQ clients can read that attribute. For a summary table for all IBM MQ MQI client configuration file stanzas, see Which IBM MQ attributes can be read by each client.

The following attribute can be included in the Security stanza:

DisableClientAMS = NO|YES

The DisableClientAMS attribute allows you to disable IBM MQ Advanced Message Security (AMS) if you are using an IBM MQ client to connect to a queue manager from an earlier version of the product and a 2085 (MQRC_UNKNOWN_OBJECT_NAME) error is reported.

IBM MQ Advanced Message Security (AMS) is automatically enabled in an IBM MQ client and so, by default, the client tries to check the security policies for objects at the queue manager.

The following examples show how to use the DisableClientAMS attribute:

To disable AMS:
```
Security:
DisableClientAMS=Yes
```
To enable AMS:
```
Security:
DisableClientAMS=No
```

This attribute can be read by C, IBM MQ classes for Java, and IBM MQ classes for JMS clients.

MQIInitialKeyFile = pathname

The full path and name of the file containing the initial key that was used to encrypt credentials provided by the client. The initial key must be specified if an initial key file was specified when the key repository passphrase was encrypted using the runmqicred utility.

This attribute can be read by C, and unmanaged .NET clients.