+

Search Tips | Advanced Search

Displaying and dumping security policies in AMS

Use the dspmqspl command to display a list of all security policies or details of a named policy depending on the command-line parameters you supply.


Before you begin


Here is the list of dspmqspl command flags:

Table 1. dspmqspl command flags.
Command flag Explanation
-m Queue manager name (mandatory).
-p Policy name.
-export Add this flag generates output which can easily be applied to a different queue manager.


Example

The following example shows how to create two security policies for venus.queue.manager:
setmqspl -m venus.queue.manager -p AMS_POL_04_ONE -s sha256 -a "CN=signer1,O=IBM,C=US" -e NONE
setmqspl -m venus.queue.manager -p AMS_POL_06_THREE -s sha256 -a "CN=another signer,O=IBM,C=US" -e NONE

This example shows a command that displays details of all policies defined for venus.queue.manager and the output it produces:
dspmqspl -m venus.queue.manager

Policy Details:
Policy name: AMS_POL_04_ONE
Quality of protection: INTEGRITY
Signature algorithm: SHA256
Encryption algorithm: NONE
Signer DNs:
  CN=signer1,O=IBM,C=US
Recipient DNs: -
Toleration: 0
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Policy Details:
Policy name: AMS_POL_06_THREE
Quality of protection: INTEGRITY
Signature algorithm: SHA256
Encryption algorithm: NONE
Signer DNs:
  CN=another signer,O=IBM,C=US
Recipient DNs: -
Toleration: 0
This example shows a command that displays details of a selected security policy defined for venus.queue.manager and the output it produces:
dspmqspl -m venus.queue.manager -p AMS_POL_06_THREE

Policy Details:
Policy name: AMS_POL_06_THREE
Quality of protection: INTEGRITY
Signature algorithm: SHA256
Encryption algorithm: NONE
Signer DNs:
  CN=another signer,O=IBM,C=US
Recipient DNs: -
Toleration: 0
In the next example, first, we create a security policy and then, we export the policy using the -export flag:
setmqspl -m venus.queue.manager -p AMS_POL_04_ONE -s SHA256 -a "CN=signer1,O=IBM,C=US" -e NONE

dspmqspl -m venus.queue.manager -export

On z/OS, the exported policy information is written by CSQ0UTIL to the EXPORT DD.

On platforms other than z/OS, redirect the output to a file, for example:
dspmqspl -m venus.queue.manager -export > policies.[bat|sh]
To import a security policy: