Managing security policies
A security policy is a conceptual object that describes the way a message is cryptographically encrypted and signed.
The location from which all administrative tasks related to security policies are run depends on which platform you are using.- On UNIX, and Windows, we use the DELETE POLICY, DISPLAY POLICY, and SET POLICY (or equivalent PCF)
commands to manage your security policies.
- On UNIX, administrative tasks can be run from MQ_INSTALLATION_PATH/bin.
- On Windows platforms, administrative tasks can be run from any location as the PATH environment variable is updated at the installation.
- On IBM® i, the DSPMQMSPL, SETMQMSPL, and WRKMQMSPL commands are installed
into the QSYS system library for the primary language of the system when IBM MQ is installed.
Additional national language versions get installed into QSYS29xx libraries according to the language feature load. For example, a machine with US English as the primary language and Korean as the secondary language has the US English commands installed into QSYS and the Korean secondary language load in QSYS2962 as 2962 is the language load for Korean.
- On z/OS®, the administrative
commands are run using the message security policy utility (CSQ0UTIL). When policies are created,
modified or deleted on z/OS, the changes are not
recognized by Advanced Message Security until the queue manager is stopped
and restarted, or the z/OS MODIFY command is used to
refresh the Advanced Message Security policy configuration. For example:
F <qmgr ssid>AMSM,REFRESH POLICY