Skip to main content

Posts

Showing posts from August, 2010

Configuring and tuning WebSphere MQ for performance on Windows and UNIX - Middleware News

Configuring and tuning WebSphere MQ for performance on Windows and UNIX - Middleware News An IBM® WebSphere MQ queue manager that is created with default properties is configured to produce a fully functioning queue manager using reasonable amounts of memory and disk space. But it is not optimised for performance, and you can make a number of configuration changes to improve the performance of message processing with WebSphere MQ. This article shows you how to make those optimisations for a WebSphere MQ queue manager running on Windows, UNIX, or Linux. The tuning options cover: * Queue manager log * Queue manager channels * Queue manager listeners * Queue buffer sizes Some of these tuning changes for the queue manger log must be implemented before a queue manager is defined, so read thoroughly before doing any set-up or you may have to repeat you work. Such changes are identified in the relevant sections. Recommendation: Apply tuning to all connected queue managers, beca

Security considerations for distributed queuing (using CICS ISC) - Middleware News

Security considerations for distributed queuing (using CICS ISC) - Middleware News This section discusses security considerations for the "CICS mover". When defining and starting channels for the CICS mover, the transactions used require access to certain WebSphere MQ and CICS resources. The list below shows the transactions that are used for the CICS mover and the access requirements that might be needed. Security is not a mandatory requirement and these examples are only relevant where you are using resource security. CKMC This transaction requires RACF UPDATE access to the following resources: * The CSQKCDF VSAM file in CICS * The SYSTEM.CHANNEL.SEQNO local queue in WebSphere MQ * The SYSTEM.CHANNEL.COMMAND local queue in WebSphere MQ The CKMC transaction only needs RACF UPDATE access to the above resources under certain conditions: * For the CSQKCDF file, only when the following functions are performed: o CREATE a channel o COPY a channel o DELETE a

Configuring your system to use the Secure Sockets Layer (SSL) - Middleware News

Configuring your system to use the Secure Sockets Layer (SSL) - Middleware News Security installation tasks ================ When WebSphere MQ is first installed and customized, you must perform these security-related tasks: 1. Set up WebSphere MQ data set and system security by: * Authorizing the queue manager started-task procedure xxxxMSTR and the distributed queuing started-task procedure xxxxCHIN to run under RACF. * Authorizing access to queue manager data sets. * Authorizing access to resources for those user IDs that will use the queue manager and utility programs. * Authorizing access for those queue managers that will use the coupling facility list structures. * Authorizing access for those queue managers that will use DB2. 2. Set up RACF definitions for WebSphere MQ security. 3. If you want to use the Secure Sockets Layer (SSL), prepare your system to use certificates and keys (see Configuring your system to use the Secure Sockets Layer (SSL)). Setting

Deleting a certificate from a key repository on UNIX systems or Windows - Middleware News

Deleting a certificate from a key repository on UNIX systems or Windows - Middleware News Use this procedure to remove personal or CA certificates. 1. Start the iKeyman GUI using either the gsk7ikm command (on UNIX) or the strmqikm command (on Windows). 2. From the Key Database File menu, click Open. The Open window opens. 3. Click Key database type and select CMS (Certificate Management System). 4. Click Browse to navigate to the directory that contains the key database files. 5. Select the key database file to which you want to add the certificate, for example key.kdb. 6. Click Open. The Password Prompt window opens. 7. Type the password you set when you created the key database and click OK. The name of your key database file is displayed in the File Name field. 8. Start of changeFrom the drop down list, select Personal Certificates or Signer CertificatesEnd of change 9. Start of changeSelect the certificate you want to delete.End of change 10. If you do not

Setting up a key repository on UNIX and Windows systems - Middleware News

Setting up a key repository on UNIX and Windows systems - Middleware News Set up a key repository at both ends of the connection. Use the default certificate stores or create your own. End of change An SSL connection requires a key repository at each end of the connection. Each WebSphere® MQ queue manager and WebSphere MQ client must have access to a key repository. See The SSL key repository for more information. On UNIX® and Windows® systems, digital certificates are stored in a key database file that is managed with iKeyman, iKeycmd, or GSKCapiCmd. These digital certificates have labels. A specific label associates a personal certificate with a queue manager or WebSphere MQ client. SSL uses that certificate for authentication purposes. On UNIX and Windows systems, WebSphere MQ uses the ibmwebspheremq prefix on a label to avoid confusion with certificates for other products. The prefix is followed by the name of the queue manager or WebSphere MQ client user logon ID, changed

How to Configure SSL for the MQSC Adapter - Middleware News

How to Configure SSL for the MQSC Adapter - Middleware News The following procedures are designed to help you with configuring a Windows MQSeries Client to run with Secure Sockets Layer (SSL)-enabled MQSeries Server channels. The procedures describe configuration for one-way (Server) authentication. Configuration is performed in the following steps: * Set up the Queue Manager/Client to work without SSL. * Add SSL to the configuration. * Configure the MQSeries Client-Based Adapter properties for SSL. Note For more information, refer to IBM WebSphere MQ documentation. If you already have MQSeries client/server SSL working, you can go directly to the procedure for configuring the SSL properties in the adapter. The following procedures assume that you are setting up a new Queue Manager. However, you can also apply these steps to existing Queue Managers. To set up the Queue Manager/Client to work without SSL 1. Create a Queue Manager named QM1, and define a listener on

SOA / What is Service Oriented Architecture? SOA - Middleware News

What is Service Oriented Architecture? SOA What is Service Oriented Architecture SOA? ========================================== Service Oriented Architecture (SOA) ================================== In computing, a service-oriented architecture (SOA) is a flexible set of design principles used during the phases of systems development and integration. A deployed SOA-based architecture will provide a loosely-integrated suite of services that can be used within multiple business domains. SOA also generally provides a way for consumers of services, such as web-based applications, to be aware of available SOA-based services. For example, several disparate departments within a company may develop and deploy SOA services in different implementation languages; their respective clients will benefit from a well understood, well defined interface to access them. XML is commonly used for interfacing with SOA services, though this is not required. SOA defines

adsrerrapop