Creating a queue manager with an encrypted file system

You can specify that a queue manager has an encrypted file system when you create it.

About this task

When you create a queue manager, either by using the crtmqm command or by using the IBM® MQ Console, you can specify that it has an encrypted file system. You specify a passphrase of between 1 and 512 characters for the encrypted file space when you create the queue manager. The appliance stores a copy of the passphrase on its encrypted flash storage, which is used whenever the file system is mounted.

Procedure

To create a queue manager with an encrypted file system by using the command line interface:
  1. Enter the IBM MQ administration mode by entering the following command: 
    mqcli
  2. Enter the following command to create a queue manager with an encrypted file system: 
    crtmqm -fe [-fp passphrase] queue_manager
    If you do not specify a passphrase as part of the command, you are prompted for a passphrase when you run the command. You should keep a copy of the passphrase somewhere safe.

    You can use other crtmqm parameters as part of the command, see crtmqm (create queue manager).

    You can also create an HA or a DR queue manager with an encrypted file system, see Creating a high availability queue manager and Configuring queue managers for disaster recovery by using the command line.

For information on creating a queue manager with an encrypted file system by using the console, see IBM MQ Console: Working with local queue managers.