HTTPS
HTTPS can be used on an HTTP connection by enabling the HTTPS and SSLClient route properties on the MQIPT issuing the client connection. MQIPT must have access to the trusted CA certificate that will be used to authenticate the target HTTP proxy/server. The SSLClientCAKeyring property can be used to define the key ring file containing the trusted CA certificate.
A common setup for HTTPS will use a local HTTP proxy to tunnel out through a firewall and connect to a remote HTTP server (or another proxy), which will in turn connect to the remote MQIPT. This MQIPT on the server side of the connection does not need any specific configuration, as the connection request is treated as any normal HTTP connection.
MQIPT uses the HTTPProxy and HTTPServer properties to distinguish the local and remote proxies. The MQIPT route with the HTTPProxy property set is seen to be the local HTTP proxy, and the MQIPT route with the HTTPServer property set is the remote server (or proxy).
HTTPS connections are normally made to listener port address 443 on the HTTP proxy/server, but the HTTPProxyPort and HTTPServerPort properties can be used to override this default.
Parent topic: HTTP support