Posts Tagged ‘#ibmmq’

Problem Description As I mentioned in one the previous posts: MQCSP structures, containing the user ID and password of the user being authenticated, are sent in the clear across the network, if you’re not using TLS to encrypt your traffic. For example, if you setup LDAP for authentication (as described in the previous post), start […]

August 8, 2019. Due to a security vulnerability, IBM changed the order of operations when authenticating users in v9.1. This is important if you setup your security on a prior version and then migrate to v9.1. Your security rules might stop working as you intended. In this post, we will talk about “channel early adoption” […]

IBM MQ user authentication An IBM MQ queue manager can be configured to authenticate connecting users. But it does not keep a list of users or their passwords. That is the functionality that MQ leaves to external resources. There are two options you can choose from: Authenticate using the operating system Authenticate using a Lightweight […]

July 26, 2019. This week we’ll look at how we can improve the security of a queue manager by using MQ channel authentication records. Introduction Many MQ admins think that channel authentication is complicated to setup and requires a lot of micro-management. I am going to show you that channel authentication is a great MQ […]

July 12, 2019 In this post, we will take a look at enabling TLS for IBM MQ inter-cluster communication. Enabling TLS on the MQ cluster is one of the easiest things you can do for the security of your MQ infrastructure. Prerequisites First of all, you need to have your key stores setup on all […]