KeyRepository (MQCHAR256)

This field is relevant only for IBM MQ MQI clients running on UNIX and Windows systems. It specifies the location of the key database file in which keys and certificates are stored. The key database file must have a file name of the form zzz.kdb, where zzz is user-selectable. The KeyRepository field contains the path to this file, along with the file name stem (all characters in the file name up to but not including the final .kdb). The .kdb file suffix is added automatically.

Each key database file has an associated password stash file. This holds encoded passwords that are used to allow programmatic access to the key database. The password stash file must reside in the same directory and have the same file stem as the key database, and must end with the suffix .sth.

For example, if the KeyRepository field has the value /xxx/yyy/key, the key database file must be /xxx/yyy/key.kdb, and the password stash file must be /xxx/yyy/key.sth, where xxx and yyy represent directory names.

If the value is shorter than the length of the field, terminate the value with a null character, or pad it with blanks to the length of the field. The value is not checked; if there is an error in accessing the key repository, the call fails with reason code MQRC_KEY_REPOSITORY_ERROR.

To run a TLS connection from an IBM MQ MQI client, set KeyRepository to a valid key database file name.

This is an input field. The length of this field is given by MQ_SSL_KEY_REPOSITORY_LENGTH. The initial value of this field is the null string in C, and blank characters in other programming languages.

Parent topic: Fields for MQSCO