Security installation tasks for z/OS
After installing and customizing IBM MQ, authorize started task procedures to RACF, authorize access to various resources, and set up RACF definitions. Optionally, configure the system for TLS.
When IBM MQ is first installed and customized, you must perform these security-related tasks:- Set up IBM MQ data set and system security by:
- Authorizing the queue manager started-task procedure xxxxMSTR and the distributed queuing started-task procedure xxxxCHIN to run under RACF.
- Authorizing access to queue manager data sets.
- Authorizing access to resources for those user IDs that will use the queue manager and utility programs.
- Authorizing access for those queue managers that will use the coupling facility list structures.
- Authorizing access for those queue managers that will use Db2 .
- Set up RACF definitions for IBM MQ security.
- To use Transport Layer Security (TLS), prepare the system to use certificates and keys.
- Set up IBM MQ for z/OS data set security
There are many types of IBM MQ user. Use RACF to control their access to system data sets. - Set up IBM MQ for z/OS resource security
There are many types of IBM MQ user. Use RACF to control their access to IBM MQ resources. - Configure your z/OS system to use TLS
Use this topic as example of how to configure IBM MQ for z/OS with Transport Layer Security (TLS) using RACF commands.
Parent topic: Set up security on z/OS