Question & Answer
Question
For IBM MQ AMS, if there are multiple recipients in policy, will the encrypted message be sent multiple times? One copy per recipient?
For example, use below command to set AMS policy:
setmqspl -m QM1 -p Q1 -e AES256 -r "CN=TESTA,O=IBM,C=US" -r "CN=TESTB,O=IBM,C=US"
Will the encrypted message be sent twice?
Answer
The message data is replaced with a PDMQ header and followed by a PKCS#7 envelope, that is:
PDMQ header
+
PKCS#7 envelope
.
Where "PKCS#7 envelope" consists of encrypted message data PLUS a sealed copy of the symmetric key for each recipient.
PDMQ header
+
PKCS#7 envelope
.
Where "PKCS#7 envelope" consists of encrypted message data PLUS a sealed copy of the symmetric key for each recipient.
Only one copy of the message is sent, but each recipient that is added will increase the size of the message payload as a sealed copy of the symmetric key for each recipient is added.
+++ end +++
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008QNAAY","label":"Security-\u003EAdvanced Message Security"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
18 December 2023
UID
ibm17099298