Example of how to encrypt queue manager active logs
The following topics guide you through the process of enabling data set encryption on existing active logs.
Note: The process for other data sets is similar to that for active logs. In this example:
- Queue manager CSQ1 is run under user QMCSQ1, and has active log data sets CSQ1.LOGS.LOGCOPY1.DS001, CSQ1.LOGS.LOGCOPY1.DS002, and so on
- The hardware and software environment is capable of using z/OS data set encryption
- RACF is used as the SAF
- The queue manager has been stopped
Carry out the procedure in the following order:
- Configure the data set encryption key for the queue manager
- Configure data set encryption for the log data sets
- Configure the data set encryption key for the queue manager
How you configure a data set encryption key for a queue manager.- Configure data set encryption for the log data sets
How you configure the encryption on the log data sets.Parent topic: Confidentiality for data at rest on IBM MQ for z/OS with data set encryption