Configuring Java CAPS for SSL Support

ProcedureTo Create a Certification Authority

  1. Create a key repository for the CA.

  2. Create a directory and in that directory, create a key repository file by entering the text shown below:

    C:\> mkdir \myCAdir
    C:\> cd \myCAdir
    C:\myCAdir> runmqckm -keydb -create -db myCA.kdb -type cms

    When prompted to create a password, type the password you want to use for the CA’s key repository.

  3. Create a self-signed CA certificate, which will be used to identify your CA:

    C:\myCAdir> runmqckm -cert -create -db myCA.kdb -type cms -label "myCAcertificate" 
    -dn "CN=myCAName,O=myOrganisation,OU=myDepartment,L=myLocation,C=IN" -expire 1000 
    -size 1024
  4. Extract the CA certficate into a file called myCAcertfile.cer, which you will later transfer to the key repositories of the queue manager and client application:

    C:\myCAdir> runmqckm -cert -extract -db myCA.kdb -type cms -label "myCAcertificate" 
    -target myCAcertfile.cer -format ascii