× Covid-19 update: No disruption to day to day business - our account managers and support staff are operating as usual.
Our accreditations and awards:
30 days guarantee
Cookies
0 items Total $0

Problem

You may receive the following error message:

"CSQX632I SSL certificate has no associated user ID"


Cause


MQ cannot find a user id from the certificate. The channel will run under the CHINIT user id (this may be a security exposure).


Resolution


There are two solutions:

1) You should install the peer certificates. Extract the peer certificates and install them in the RACF database. The label must match z/OS requirements (that is, ibmWebSphereMQ<qmgr>, not ibmwebspheremq<qmgr>). The certificate must be in the queue manager’s key ring.

OR

2) Create a RACF map. This JCL maps a certificate to a user id:

RACDCERT ID(EMIR) DELMAP (LABEL(‘MQMAP’))
RACDCERT ID(EMIR) MAP +
IDNFILTER(‘CN=MQCA.O=IBM.C=GB’) WITHLABEL(‘MQMAP’) TRUST
SETROPTS RACLIST(DIGTNMAP) REFRESH
RACDCERT ID(EMIR) LISTMAP (LABEL(‘MQMAP’))


More info here

Was this information Useful?
Comments

Privacy Policy