0

We are considering moving our workloads to Azure. As applications move to Azure they will need to continue to communicate with on-premises workloads using IBM MQ (for some foreseeable future).

I did see this: Storing and retriveing a JKS from Azure key vault but we do not want to package the jks with the application and would like to replace the functionality by Azure KeyVault service. Has anyone tried using the keyvault as the key and trusted store or can share some guidance on implementing this?

JoshMc
  • 10,239
  • 2
  • 19
  • 38
NoviceProgrammer
  • 3,347
  • 1
  • 22
  • 32
  • If this question does not fit the stackoverflow guidelines then flag it and i will take it out – NoviceProgrammer Mar 17 '20 at 09:44
  • Since you mention JKS, are you only interested in Java applications? C-based MQ applications would normally be using KDB keystores and .Net applications usually use the Windows-provided keystores. – Mark Taylor Mar 17 '20 at 10:01
  • @MarkTaylor: yes our workloads are almost entirely java based – NoviceProgrammer Mar 17 '20 at 10:03
  • I don't know much about the Azure key vault, but maybe it is possible to build your own `SSLContext` using the interface to Azure. A sample of building a `SSLContext` to use with IBM MQ is included in [this answer](https://stackoverflow.com/questions/2692070/connecting-to-a-websphere-mq-in-java-with-ssl-keystore/29471616#29471616). I found some hits on accessing azure KeyVault [here](https://stackoverflow.com/questions/51156870/how-do-i-set-up-a-sslcontext-using-certificate-from-azure-keyvault-in-java) as well. – JoshMc Mar 18 '20 at 23:42

0 Answers0