The objective of this technical document is to provide information on Troubleshooting MQ SSL/TLS issues. In this Part 1, we will deal specifically with SSL Keystore and certificate issues.
Table of Contents:
Part 1 - Troubleshooting MQ certificate issues
Some MQ SSL Basics
A simplistic view of a certificate
Basic MQ Management commands
Simplified MQ certificate process
Troubleshooting Keystore/Certificate issues
I - Certificate keystore exists and is valid/accessible
II - Certificates exist, Certificate names are correct
III - Certificate chain to a CA Root certificate exists and is valid
IV - Certificates are marked as "Trusted"
V - Certificate dates are good.
VI - Certificates are not revoked.
VII - Remote certificate passed during SSL negotiation is validated.
VIII – Ensure the correct signer certificates were exchanged
Diagnostics to collect if IBM support needed: (for SSL keystore/certificate issue)
Related Links and Information
17 June 2018