0

I am developing an application using .net 6. I am trying to connect to Ibm mq using amqmdnetstd.dll(9.3.2). We are deploying the application within a openshift pod. Please note that the Ibm mq server is deployed in a different system. The infrastructure team has provided us with a keystore.p12 file and asked us to use this for the keystore. My query is whether if this is even possible since i was under the inpression that amqmdnetstd only accepts .kdb file for keystore repository.

I have tried to provide the directory and file name for the .p12. But the queue is not connecting. I have tried to access the same queue from a windows box after generating .kdb file and it seems to be working fine.

Please let me know if it is possible to use a .p12 file directly.

Nived J
  • 1
  • .net standard on openshift uses openssl not gskit thus it did not use a kdb. – JoshMc Mar 28 '23 at 05:42
  • So do i only need to set the path of .p12 file directly in the MQEnvironment.SSLKeyRepository? – Nived J Mar 28 '23 at 06:00
  • Also for the application to work, does it require any ibm mq binaries pre installed in the openshift? – Nived J Mar 28 '23 at 06:02
  • You would need only amqmdnetstd.dll on the server. I'm not clear on how to store the client cert on Linux. This answer may help. https://stackoverflow.com/questions/64911987/secure-handshake-failing-during-ibm-mq-mqqueuemanager-on-linux-net-core – JoshMc Mar 28 '23 at 10:24
  • The above answer does give some light. But i am still unclear on how to feed the .p12 file to the MQEnvironment. Any assistance to this matter would be greatly appreciated. I have been stuck with this since last 3 weeks. – Nived J Mar 28 '23 at 11:23
  • You specify `*USER` as the value for the key repository. Using a hash table is better than MQEnvironment but both should work. – JoshMc Mar 28 '23 at 13:49
  • Thanks for this info @JoshMc. Just one more doubt, how do we register this certificate at user level in case of openshift. Can you suggest some links for this? – Nived J Mar 29 '23 at 05:26
  • I see the command in the answer to the question i linked to. "certificate-tool add". Google it and found https://github.com/gsoft-inc/dotnet-certificate-tool – JoshMc Mar 29 '23 at 12:44

0 Answers0