Authentication information objects
An authentication information object provides the definitions required to perform certificate revocation checking.
The queue manager authentication information object forms part of IBM MQ support for Transport Layer Security (TLS). It provides the definitions needed to check for revoked certificates. Certification Authorities revoke certificates that can no longer be trusted.
We can use the MQSC command DEFINE AUTHINFO to define an authentication information object. For more information about the attributes of authentication information objects, see DEFINE AUTHINFO.
We can use the following IBM MQ control commands with an authentication information object:
- setmqaut (grant or revoke authority)
- dspmqaut (display object authorization)
- dmpmqaut (dump authorizations)
- rcrmqobj (re-create object)
- rcdmqimg (record media image)
- dspmqfls (display file names)
For an overview of TLS, and the use of the authentication information objects, see TLS security protocols in IBM MQ .