Elvis, I found this document which might help give you clues to convert between IBM MQ's "kdb" format and the traditional Java "jks" format. In principle, it looks like you will need to export your client certificates, etc. out from your kdb store:
https://www.ibm.com/mysupport/s/question/0D50z000062l4HICAY/how-do-i-configure-ssl-tls-between-java-client-and-mq-queue-manager?language=en_US NiFi is not going to understand the kdb format. So you will ultimately need to export your certs and CA from the kdb file you created. From there, you will probably need to configure the JMS processors in NiFi to connect to MQ server. These documents seem to have some hints: https://community.cloudera.com/t5/Support-Questions/how-to-Setup-IBM-MQ-Configuration-for-Nifi/td-p/118155 https://www.senia.org/2018/05/10/integrating-apache-nifi-with-ibm-mq/ https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-jms-processors-nar/1.19.1/org.apache.nifi.jms.cf.JMSConnectionFactoryProvider/additionalDetails.html Hope that helps. /Adam On Wed, Dec 28, 2022 at 2:23 PM Rivera Molina, Leonorelvis <lrive...@scotiabank.com.mx.invalid> wrote: > Hello I am Elvis Rivera from Scotiabank, we have a connection with NIFI > and it is very urgent to do the TLS set up between my MQ Server and NIFI > > I have a kesystore called key.kdb that is the name of the kesystore for > the MQ manager and I was checking your documentation and I do not see > anything related to the TLS connection between MQ SERVER and NIFI > > Do you have any documentation or could you please provide any help as this > is something very urgent since we have a vulnerability open with our > Security department. > > Thank you > > Elvis Rivera Molina | Asesor Arquitectura Transformación GBM > Scotiabank | DGA Tecnologías de la Información > Boulevard Manuel Avila Camacho No.1 > Colonia. Lomas de Chapultepec Piso1. > lrive...@scotiabank.com.mx<mailto:lrive...@scotiabank.com.mx> > > > Aviso de Confidencialidad: Este correo electrónico y/o el material adjunto > es para uso exclusivo de la persona o entidad a la que expresamente se le > ha enviado, y puede contener información confidencial o material > privilegiado. Si usted no es el destinatario legítimo del mismo, por favor > repórtelo inmediatamente al remitente del correo y bórrelo. Cualquier > revisión, retransmisión, difusión o cualquier otro uso de este correo, por > personas o entidades distintas a las del destinatario legítimo, queda > expresamente prohibido. Este correo electrónico no pretende ni debe ser > considerado como constitutivo de ninguna relación legal, contractual o de > otra índole similar. > Notice of Confidentiality: The information transmitted is intended only > for the person or entity to which it is addressed and may contain > confidential and/or privileged material. Any review, re-transmission, > dissemination or other use of, or taking of any action in reliance upon, > this information by persons or entities other than the intended recipient > is prohibited. If you received this in error, please contact the sender > immediately by return electronic transmission and then immediately delete > this transmission, including all attachments, without copying, distributing > or disclosing same. > >
