For sending a message to queue from C samples under mq instalation we need to do the following steps:
export MQSERVER=SVRCONN.CHANNEL/TCP/'127.0.0.1(1416)'
export MQSAMP_USER_ID=user
./opt/mqm/samp/bin/amqsputc QUEUE.NAME QMGR.NAME
On Windows it is necessary to add enviroment variable:
MQNOREMPOOL=1
Important links:
Showing posts with label MQ. Show all posts
Showing posts with label MQ. Show all posts
Friday, February 24, 2017
Sunday, June 5, 2016
How to create a IBM MQ Client Library using SSL for transmision? (PART II-II)
1. Emitir un
certificado para una aplicación cliente en C
Cada aplicación debe
tener su propio certificado con un nombre distinguido. Cada nombre distinguido
debe ser único en la red del Websphere MQ.
Cambiar el directorio
donde se encuentra localizado la llave del repositorio donde será creado
/application:
user@user-vbox:~/code/ssl$
mkdir applicationuser@user-vbox:~/code/ssl$ cd application/user@user-vbox:~/code/ssl/application$
Y emitir el siguiente
comando para crear la llave de la base de datos de la aplicación:
user@user-vbox:~/code/ssl/application$ /opt/mqm/bin/runmqckm -keydb
-create -db myapp.kdb -type cms -stash
A password is required to access the source key database.
Please enter a password:
A password is required to access the source key database.
Please enter a password:
1.2. Crear el
certificado de solicitud
Introduce el
siguiente comando:
user@user-vbox:~/code/ssl/application$
/opt/mqm/bin/runmqckm -certreq -create -db myapp.kdb -type cms -dn
"CN=myAppName,O=sysEnterprise,OU=sysDeparment,L=Mexico,C=MX" -label
"ibmwebspheremquser" -file myapp.req
A password is required to access the source key database.
Please enter a
password:
1.3. Transferir la
solicitud
Transferir el archivo
de solicitud del certificado myapp.req para el directorio dodne se encuentra
localizado los archivos CA.
user@user-vbox:~/code/ssl/application$ cp myapp.req /home/user/code/ssl/appCAdir/
1.4. Firmar la
aplicación con el certificado
Ejecutar siguiente comando:
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -cert -sign
-db appCA.kdb -label "appCAcertificate" -expire 365 -format ascii
-file myapp.req -target myapp.cer
1.5 Transferir el
certificado firmado
Transferir el
certificado firmado, myapp.cer y el certificado publico de CA de regreso
/application
user@user-vbox:~/code/ssl/appCAdir$ cp myapp.cer /home/user/code/ssl/application/user@user-vbox:~/code/ssl/appCAdir$
cp appCAcertfile.cer /home/user/code/ssl/application/
1.6. Agregar el
certificado CA
Agregar el
certificado a un repositorio llave de la aplicación:
user@user-vbox:~/code/ssl/application$ /opt/mqm/bin/runmqckm -cert -add
-db myapp.kdb -type cms -file appCAcertfile.cer -label "theCAcert"
A password is required to access the source key database.
Please enter a password:
A password is required to access the source key database.
Please enter a password:
1.7. Recibir el certificado firmado
user@user-vbox:~/code/ssl/application$ /opt/mqm/bin/runmqckm -cert
-receive -db myapp.kdb -type cms -file myapp.cer
A password is required to access the source key database.
Please enter a
password:
Iniciar el gestor de
colas si no esta ya ejecutándose:
user@user-vbox:~/code/ssl/application$ strmqm appqmgr01
Una definición
apropiada del canal SVRCONN debe de crearse. Esto se puede lograr en cualquier
directorio:
user@user-vbox:~/code/ssl/application$ /opt/mqm/bin/runmqsc appqmgr01
DEFINE CHANNEL(MY.SEC.SVRCONN.CHL) CHLTYPE(SVRCONN) TRPTYPE(TCP)
SSLCAUTH(REQUIRED) SSLCIPH(RC4_MD5_US)
END
1.8.2. Iniciar el
listener
Si el listener no
esta activo en el gestor de colas:
user@user-vbox:~/code/ssl/application$ /opt/mqm/bin/runmqsc appqmgr01
DEFINE CHANNEL(MY.SEC.SVRCONN.CHL) CHLTYPE(SVRCONN) TRPTYPE(TCP)
SSLCAUTH(REQUIRED) SSLCIPH(RC4_MD5_US)
END
1.8.2. Agregar variable de entorno
user@user-vbox:~/code/ssl/application$ MQSSLKEYR=/home/user/code/ssl/applicationuser@user-vbox:~/code/ssl/application$
export MQSSLKEYRuser@user-vbox:~/code/ssl/application$ echo $MQSSLKEYR
/home/user/code/ssl/application
user@user-vbox:~/code/ssl/application$
1.8.3. Codigo de programa en C para enviar un mensaje
1.8.3. Compilación
del programa en GCC
gcc -m64 -o PutSample
PutSample.c -I/opt/mqm/inc -L/opt/mqm/lib64 -Wl,-rpath=/opt/mqm/lib64
-Wl,-rpath=/usr/lib64 -lmqic
(EN REVISION)
Otros enlaces:
- https://github.com/osanchezh/mqclientssl-app
- https://docs.oracle.com/cd/E19909-01/817-3729/examples.html
- https://docs.oracle.com/cd/E19509-01/820-3503/ggfai/index.html
Best regards,
How to create a IBM MQ Client Library using SSL for transmision? (PART I-II)
1. Ambiente de desarrollo
2.1. Crear una llave para el repositorio CA
Crear un directorio, y dentro del directorio crear el archivo con la llave del repositorio:
user@user-vbox:~/code/ssl$ mkdir appCAdir
user@user-vbox:~/code/ssl$ cd appCAdir/
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -keydb -create -db appCA.kdb -type cms
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -cert -create -db appCA.kdb -type cms -label "appCAcertificate" -dn "CN=appSysCAName,O=sysEnterprise,OU=sysDeparment,L=Mexico,C=MX" -expire 1000 -size 1024
Y es seguido del siguiente comando para crear con la llave de la base de datos para el gestor colas:
user @user-vbox:~/code/ssl/repository$ /opt/mqm/bin/runmqckm -cert -receive -db appqmgr.kdb -type cms -file appqmgr.cer
- Ubuntu 16.04
- IBM Message Queue 7.5
2.1. Crear una llave para el repositorio CA
Crear un directorio, y dentro del directorio crear el archivo con la llave del repositorio:
user@user-vbox:~/code/ssl$ mkdir appCAdir
user@user-vbox:~/code/ssl$ cd appCAdir/
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -keydb -create -db appCA.kdb -type cms
Ingresando
los comandos se solicitara crear una contraseña y deberá ingresar
para usar la llave CA del repositorio.
-expires:
define la cantidad de dias de expiracion del certificado
2.3
Extraer el certificado CA
Extraer
el certificado CA en un archivo llamado appCAcertfile.cer, el cual
transferiremos después a los repositorios del gestor de colas y
cliente de la aplicación.
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -cert -extract -db appCA.kdb -type cms -label "appCAcertificate" -target appCAcertfile.cer -format ascii
2.4
Emisor de un certificado para un gestor de colas
Cada
gestor de colas en la infraestructura debe tener su propio
certificado, con su propio nombre distinguido (DN), El DN debe ser
único con la red del Websphere MQ.
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/crtmqm appqmgr01
There are 89 days left in the trial period for this copy of WebSphere MQ.
WebSphere MQ queue manager created.
Directory '/var/mqm/qmgrs/appqmgr01' created.
The queue manager is associated with installation 'Installation1'.
Creating or replacing default objects for queue manager 'appqmgr01'.
Default objects statistics : 74 created. 0 replaced. 0 failed.
Completing setup.
Setup completed.
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/strmqm appqmgr01
There are 89 days left in the trial period for this copy of WebSphere MQ.
WebSphere MQ queue manager 'appqmgr01' starting.
The queue manager is associated with installation 'Installation1'.
5 log records accessed on queue manager 'appqmgr01' during the log replay phase.
Log replay for queue manager 'appqmgr01' complete.
Transaction manager state recovered for queue manager 'appqmgr01'.
WebSphere MQ queue manager 'appqmgr01' started using V7.5.0.2.
There are 89 days left in the trial period for this copy of WebSphere MQ.
WebSphere MQ queue manager created.
Directory '/var/mqm/qmgrs/appqmgr01' created.
The queue manager is associated with installation 'Installation1'.
Creating or replacing default objects for queue manager 'appqmgr01'.
Default objects statistics : 74 created. 0 replaced. 0 failed.
Completing setup.
Setup completed.
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/strmqm appqmgr01
There are 89 days left in the trial period for this copy of WebSphere MQ.
WebSphere MQ queue manager 'appqmgr01' starting.
The queue manager is associated with installation 'Installation1'.
5 log records accessed on queue manager 'appqmgr01' during the log replay phase.
Log replay for queue manager 'appqmgr01' complete.
Transaction manager state recovered for queue manager 'appqmgr01'.
WebSphere MQ queue manager 'appqmgr01' started using V7.5.0.2.
2.4.2
Crear la llave del repositorio para el gestor de colas
Cambiar
la localización del directorio donde el archivo con la llave del
repositorio es creado: /repository
user@user-vbox:~/code/ssl$ mkdir repositoryuser@user-vbox:~/code/ssl$ cd repository/
Y es seguido del siguiente comando para crear con la llave de la base de datos para el gestor colas:
user@user-vbox:~/code/ssl/repository$ /opt/mqm/bin/runmqckm -keydb -create -db appqmgr.kdb -type cms -stash
Después
de ingresar el comando se solicitara ingresar la contraseña.
2.4.3
Crear el certificado de respuesta para solicitud
Generar
el certificado de solicitud para el gestor de colas, a partir de
llave privada.
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -certreq -create -db appqmgr.kdb -type cms -dn "CN=appqmgr01,O=sysEnterprise,OU=sysDeparment,L=Mexico,C=MX" -label "ibmwebspheremqappqmgr" -file appqmgr.req
Después
de ingresar el comando se solicitara ingresar la contraseña.
2.4.4
Transferir la solicitud
Para
transferir el archivo de solicitud del certificado appqmgr.req, APRA
el directorio donde el archivo CA se encuentra localizado. Es
necesario cambiar al directorio:
user@user-vbox:~/code/ssl/repository$ ls
appqmgr.kdb appqmgr.rdb appqmgr.req appqmgr.sth
user@user-vbox:~/code/ssl/repository$ pwd
/home/user/code/ssl/repository
user@user-vbox:~/code/ssl/repository$ mv appqmgr.req /home/user/code/ssl/appCAdir/
appqmgr.kdb appqmgr.rdb appqmgr.req appqmgr.sth
user@user-vbox:~/code/ssl/repository$ pwd
/home/user/code/ssl/repository
user@user-vbox:~/code/ssl/repository$ mv appqmgr.req /home/user/code/ssl/appCAdir/
2.4.5
Firmar el certificado del gestor colas
Ejecutando
el siguiente comando:
user@user-vbox:~/code/ssl/appCAdir$ /opt/mqm/bin/runmqckm -cert -sign -db appCA.kdb -label "appCAcertificate" -expire 365 -format ascii -file appqmgr.req -target appqmgr.cer
2.4.6
Transferir el certificado firmado CA
Transferir
el certificado firmado appqmgr.cer y el certifcado public appCAcertfile.cer, a /repository.
user@user-vbox:~/code/ssl/appCAdir$ mv appqmgr.cer /home/user/code/ssl/repository/
user@user-vbox:~/code/ssl/appCAdir$ cp appCAcertfile.cer /home/user/code/ssl/repository/
2.4.7
Agregar el certificado CA
Agregar
el certificado publico de CA al repositoriod e llaves del gestor de
colas:
user@user-vbox:~/code/ssl/repository$ /opt/mqm/bin/runmqckm -cert -add -db appqmgr.kdb -type cms -file appCAcertfile.cer -label "theCAcert"
2.4.8
Repositorio del certificado firmado
Recibir
el certificado en la llave del repositorio del gestor de colas.
2.5 Agregar la locación de la llave del queuemanager
user@user-vbox:~/code/ssl/repository$ /opt/mqm/bin/runmqsc appqmgr01
5724-H72 (C) Copyright IBM Corp. 1994, 2011. ALL RIGHTS RESERVED.
Starting MQSC for queue manager appqmgr01.
ALTER QMGR SSLKEYR('/home/user/code/ssl/repository/appqmgr')
1 : ALTER QMGR SSLKEYR('/home/user/code/ssl/repository/appqmgr')
AMQ8005: WebSphere MQ queue manager changed.
END
2 : END
One MQSC command read.
No commands have a syntax error.
All valid MQSC commands were processed.
5724-H72 (C) Copyright IBM Corp. 1994, 2011. ALL RIGHTS RESERVED.
Starting MQSC for queue manager appqmgr01.
ALTER QMGR SSLKEYR('/home/user/code/ssl/repository/appqmgr')
1 : ALTER QMGR SSLKEYR('/home/user/code/ssl/repository/appqmgr')
AMQ8005: WebSphere MQ queue manager changed.
END
2 : END
One MQSC command read.
No commands have a syntax error.
All valid MQSC commands were processed.
Aqui termina la parte uno de 2 articulos de creación de certificados en IBM MQ.
Best regards,
Sunday, May 22, 2016
Useful MQSC scripts for IBM Message Queue (Part I)
I have been caught by the time, after some years ago, my knowledge of configuration of IBM Message Queue is not being in practice because spending 2 hours trying to configure Channel Security the remembrance of how doing it stuck me.
I have decided to conserve some memories of script of configuration and this is the first part.
1. Backup and recovery script:
2. Remove security to the channel
Important Links:
Best regards,
I have decided to conserve some memories of script of configuration and this is the first part.
1. Backup and recovery script:
2. Remove security to the channel
Important Links:
Best regards,
Monday, May 16, 2016
Missing libraries on installation of IBM Message Broker and Message Queue (Part I)
I am going back to IBM Message Queue and Message Broker, after some years, returning to old school, I have decided to publish this time some memories of working around and by now the following libraries are required to install the ibm middleware on a Centos 7 Machine:
Best regards,
Monday, September 30, 2013
How I do implement Request/Response pattern using SpringFramework and Weblogic?
Spring Framework has a lot of modules that could be implemented on several projects, On common questions in any projects is how to used it, The first factor that I could see is to Application Server well know, obviously your web application has to be deployed on an Web Application Server, we have to check the version and supporting jars to run your application, If your Application Server run up 1.5 JEE, a good choice will be Spring Framework, This small article try to getting started to first used spring jms module.
First you have to configure your Application Context:
After configurate your xml file you will have to inject a browser of Message Queue:
Now you can Inject the Request/Response in any Service, this had getting easier a MQ Implementation.
Best Regards,
First you have to configure your Application Context:
After configurate your xml file you will have to inject a browser of Message Queue:
Now you can Inject the Request/Response in any Service, this had getting easier a MQ Implementation.
Best Regards,
Subscribe to:
Posts (Atom)