IBM Support

Using SSL TLS in MQ 9.2 to connect a C-based client in Windows to a queue manager in Linux, using self-signed certificates, 2-way authentication

Troubleshooting


Problem

The objective of this document is to provide step-by-step details to:
- connect an MQ 9.2 C-based client from Windows
- to a single-instance queue manager running MQ 9.2 in Linux,
- using self-signed certificates (ok for Test queue managers, but not for Production, because no Certification Authority is involved, no root certificates).
- 2-way authentication (client authenticates the queue manager, and the queue manager authenticates the client).
- using the runmqckm (iKeycmd) from the command line, that is, not using the strmqikm (iKeyman) GUI.
.
The MQ sample amqssslc is used for testing, because it does not require an MQ CCDT file.
.
For illustration purposes the following protocol will be used:
   TLS 1.3 compliant: TLS_AES_128_GCM_SHA256


Document Location

Worldwide


[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008JwAAI","label":"Security-\u003ETLS (SSL)"}],"ARM Case Number":"TS005910171","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"All Versions"},{"Product":{"code":"SSKM59","label":"IBM MQ for HPE NonStop"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}},{"Product":{"code":"SS5K6E","label":"IBM MQ Appliance"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

More support for:
IBM MQ

Component:
Security->TLS (SSL)

Software version:
All Versions

Operating system(s):
AIX, Linux, Windows

Document number:
6470619

Modified date:
28 April 2025

UID

ibm16470619

Manage My Notification Subscriptions