5.208
MWS supports message queue security with AES. If the moab.messageQueue.secretKey property is set, then all messages MWS publishes on the message queue will be encrypted. Additionally, MWS can read messages from Moab Workload Manager that are encrypted with the same key using the MESSAGEQUEUESECRETKEY parameter. For more information, see Configuration.
Encryption is done with AES in CBC mode where inputs are padded with PKCS5 padding. Only 128-bit (16-byte) keys are supported. Keys should be encoded in Base64.
For example:
moab.messageQueue.secretKey = "1r6RvfqJa6voezy5wAx0hw==" //must be a Base64-encoded 128-bit key
Important: If MWS is configured to encrypt the message queue and Moab is not (or vice versa) then the messages from Moab will be ignored. Furthermore, all attempts to access the MWS service resource will fail.
Related Topics