Notify me!
-
Recent Posts
Archives
Categories
Stack Exchange MQ Q&A
- IBM MQ Connection failure : xcsGetpwuid got password entry with user name too long (more than 13 characters) – stackoverflow.com
- Deliver KDB keys for IBM MQ, based only on certificates – stackoverflow.com
- .Net MQ client can't connect to MQ over TLS CWSMQ0006E with reason 2538 – stackoverflow.com
- Ansible Playbook Not retaining "locale" settings: LC_ALL and LANG empty – stackoverflow.com
- 'inq' authority errors for TARGET queues for multiple applications though ALIAS queue is granted with +allmqi – stackoverflow.com
Meta
Follow me on Twitter
My Tweets
Tag Archives: security
Inaccurate MQ auths event messages
The security maturity progression in MQ starts with access control. First we isolate MQ Admin access, then add granular user and application access. This class of security control is known as intrusion prevention. After mastering that the next phase includes … Continue reading
Posted in IBMMQ, News, Security, WMQ Security
Tagged authorization, AUTHREC, bugs, Events, logs, News, security, setmqaut, WebSphere MQ Security, WMQ Security
2 Comments
News and updates
This is a quick note to tell folks a bit about my virtual absence of late, current events and plans for what’s coming up. Whatever happened to… I’m not exactly a candidate for VH1’s Where Are They Now but I … Continue reading
Posted in Events, IBMMQ, News, Security, WMQ Security
Tagged Admin, Best Practices, commentary, Conferences, Events, IBM MQ, News, Recommended Practices, security, WebSphere MQ, WebSphere MQ Security, WMQ Security
Leave a comment
MQTC Sessions and downloads posted
My sessions and downloadable scripts from MQTC 2.0.15 are now up on the Links page.
Posted in Events, IBMMQ, MQTC, News, Security, WMQ Security
Tagged Admin, Best Practices, Conferences, Events, security, WebSphere MQ Security, WMQ, WMQ Security
Leave a comment
Time for MQ to get serious about instrumentation and admin. Again.
Outstanding RFEs and feature requests have been a hot topic on the MQ list server of late. Looking at the RFEs that have been posted and discussed, there’s a general architectural requirement many of them seem to have in common: … Continue reading
Posted in Events, IBMMQ, IIB, News, Security, WMQ Security
Tagged Events, Hursley, IBM MQ, News, Recommended Practices, security, vulnerability, WebSphere MQ, WebSphere MQ Security, WMQ, WMQ Security
3 Comments
Zero to SSL in under 5 Minutes
A viewer of the Zero to Hello World video recently challenged me to do a similar video for SSL. Challenge accepted!
Posted in IBMMQ, Security, WMQ Security
Tagged Admin, Best Practices, Recommended Practices, security, SSL, TLS, tutorial, WebSphere MQ Security, WMQ Security
1 Comment
IBM MQ Security Requirements Questionnaire
Over the years I have often been asked for security templates and other canned assets to help make MQ security planning, implementation, and operation easier. These often become the source material for conference presentations, articles and videos. Some of these … Continue reading
Posted in IBMMQ, Security, WMQ Security
Tagged Admin, Architecture, Best Practices, IBM MQ, Recommended Practices, security, WebSphere MQ, WebSphere MQ Security, WMQ Security
2 Comments
Managing CA-signed certificates
MQ Admins are getting serious about TLS channels these days, but it isn’t always easy because there’s a fairly steep learning curve. Though there is plenty of documentation for the MQ aspects, and for X.509 and TLS itself, very little … Continue reading
Posted in IBMMQ, Security, WMQ Security
Tagged Admin, Architecture, Best Practices, IBM MQ, Recommended Practices, security, WebSphere MQ Security, WMQ Security
10 Comments
Configuration backups: the forgotten WMQ security control
Update: IBM has reconsidered and has announced that dmpmqcfg will be fixed as a defect! Subscribe if you would like a notification when the fix is announced. But please do read the post, especially if you are using amqoamd for … Continue reading
Posted in Fail, General, IBMMQ, IIB, MQ AMS, MQMFT, Security, WMQ ESE, WMQ Security
Tagged Best Practices, commentary, IBM, News, security, WebSphere MQ Security, WMQ, WMQ Security
Leave a comment
Pub/Sub security
One of the recurring questions I receive is about the differences between queue security and pub/sub security. The email below is typical:
Posted in IBMMQ, Security
Tagged Admin, Best Practices, Recommended Practices, security, topics, WebSphere MQ, WebSphere MQ Security, WMQ Security
Leave a comment
MQ Password/CHLAUTH research – Exec Summary
As of v8.0, MQ now can natively validate user IDs by checking the password against the Operating System or LDAP. Checking against Pluggable Authentication Module (PAM) was added in v8.0.0.4. Prior to v8.0 it was necessary to use a channel … Continue reading →
Share this: