Use the distinguished name of the queue manager in IBM MQ classes for Java
The queue manager identifies itself using a TLS certificate, which contains a distinguished name (DN). An IBM MQ classes for Java client application can use this DN to ensure that it is communicating with the correct queue manager.
A DN pattern is specified using the sslPeerName variable of MQEnvironment. For example, setting:MQEnvironment.sslPeerName = "CN=QMGR.*, OU=IBM, OU=WEBSPHERE";allows the connection to succeed only if the queue manager presents a certificate with a Common Name beginning QMGR., and at least two Organizational Unit names, the first of which must be IBM and the second WebSphere .
If sslPeerName is set, connections succeed only if it is set to a valid pattern and the queue manager presents a matching certificate.
An application can also specify the distinguished name of the queue manager by setting the environment property CMQC.SSL_PEER_NAME_PROPERTY. For more information about distinguished names, see Distinguished names.
Parent topic: Transport Layer Security (TLS) support in IBM MQ classes for Java