Adil Abdullah
2 min readFeb 27, 2022

HTTPS configuration in IBM Integration Bus IIB 10

1 HTTPS Setup Broker Level

1.1 Configuring the broker to use SSL

Complete the following steps:

1. Turn on SSL support in the broker, by setting a value for enableSSLConnector

mqsichangeproperties brokerName -b httplistener -o HTTPListener -n enableSSLConnector -v true

2. Optional: If you do not want to use the default port 7083 for HTTPS messages, specify the port on which the broker listens:

mqsichangeproperties brokerName -b httplistener -o HTTPSConnector -n port -v PortNum

3. Restart the broker after changing one or more of the HTTP listener properties.

4. Optional: Use the following commands to display HTTP listener properties:

mqsireportproperties broker_name -b httplistener -o HTTPListener -a

mqsireportproperties broker_name -b httplistener -o HTTPSConnector -a

Configuring PKI at Integration Node Level

1. Start the integration node:

mqsistart integrationNodeName

2. Display the current settings of the integration node registry properties:

mqsireportproperties integrationNodeName -o BrokerRegistry –r

3. Set the keystore property:

mqsichangeproperties integrationNodeName -o BrokerRegistry -n brokerKeystoreFile -v install_dir\MyBrokerKeystore.jks

4. Set the truststore property:

mqsichangeproperties integrationNodeName -o BrokerRegistry -n brokerTruststoreFile -v install_dir\MyBrokerTruststore.jks

5. Stop the integration node:

mqsistop integrationNodeName

6. Set the password for the keystore:

mqsisetdbparms integrationNodeName -n brokerKeystore::password -u ignore -p keystore_pass

7. Set the password for the truststore:

mqsisetdbparms integrationNodeName -n brokerTruststore::password -u ignore -p truststore_pass

8. Start the integration node:

mqsistart integrationNodeName

9. Display and verify the integration node registry properties:

mqsireportproperties integrationNodeName -o BrokerRegistry -r

2 HTTPS Setup Server Level

mqsireportproperties IIB10NODE -e ISO8583 -o ExecutionGroup –r

Enable HTTP Node Listerner on Execution group Level

mqsireportproperties IIB10NODE -e ISO8583 -o ExecutionGroup -n httpNodesUseEmbeddedListener –v true

Change the SSL protocol. The default protocol for the integration server’s HTTPS connections is TLS. Run the following command to change it to SSL:

mqsichangeproperties IIB10NODE -e ISO8583 -o HTTPSConnector -n sslProtocol -v SSL

Specify a specific port on which the integration server listens for HTTPS requests, or leave the value unset to use the next available port number.

mqsichangeproperties IIB10NODE –e ISO8583 -o HTTPSConnector -n explicitlySetPortNumber -v 7200

Configure the integration server listens for HTTPS with the path to the keystore:

mqsichangeproperties IIB10NODE -e ISO8583 -o HTTPSConnector -n keystoreFile -v D:/IBM/JSKey.jks

Set keystore type:

mqsichangeproperties IIB10NODE -e ISO8583 -o HTTPSConnector -n keystoreType -v JKS

Set keystore password:

mqsichangeproperties IIB10NODE -e ISO8583 -o HTTPSConnector -n keystorePass -v abcd@1234

mqsichangeproperties IIB10NODE -e ISO8583 -o ComIbmJVMManager -n keystoreFile -v D:/IBM/JSKey.jks

mqsichangeproperties IIB10NODE -e ISO8583 -o ComIbmJVMManager -n keystoreType -v JKS

Adil Abdullah
Adil Abdullah

Written by Adil Abdullah

Currently working as Full stack Java developer at Contour Software at their Easit AB division part of Jonas group. Working on Java and IBM stack.