Support for cryptographic hardware

Support for cryptographic hardware

On Windows and UNIX systems we can use the SSLCRYP parameter on the ALTER QMGR MQSC command to provide cryptographic hardware configuration information to the WebSphere MQ SSL support. Refer to Queue manager attributes for a description of the SSLCRYP parameter. Note however that WebSphere MQ can run SSL without cryptographic hardware. On i5/OS and z/OS, SSLCRYP is not used in cryptographic hardware configuration.
To configure cryptographic hardware for a WebSphere MQ client on Windows or UNIX, set the MQSSLCRYP environment variable, or set the CryptoHardware field of the MQSCO structure on an MQCONNX call. The permitted values for MQSSLCRYP and the CryptoHardware field are the same as for the SSLCRYP parameter. If you use the GSK_PCS11 version of the SSLCRYP parameter, the PKCS #11 token label must be specified entirely in lower-case.
Refer to Cryptographic hardware for information about the cryptographic hardware that has been tested with WebSphere MQ SSL support.

Parent topic:
WebSphere MQ SSL support

sy11040_