Securing Communication with Controller Servers

As previously explained, MSMQ controller servers (PECs, PSCs, and BSCs) hold copies of the MQIS database. The MQIS is a distributed database that holds enterprise topology, enterprise settings, computer information, queue information, and user information. MSMQ-based applications can query the MQIS to find queues and get queue properties.

Communication between MSMQ controller servers is inherently secure, because all the messages are signed and verified based on information found in the MQIS database. However, by default, MSMQ does not secure MQIS access by MSMQ clients (both independent and dependent) or MSMQ routing servers.

As an MSMQ administrator, you can secure MQIS access by MSMQ clients or MSMQ routing servers by installing a certificate on each controller server. This ensures that unauthorized persons cannot install software that impersonates a controller server for the purpose of providing false information or obtaining confidential information. You can enable secure MQIS access on individual controller servers, and you can configure each MSMQ client to trust only specific certificate authorities.

Note: Because MSMQ-based applications running on a controller server will access the MQIS database on the local computer, you do not need to use certificates to secure access to the local MQIS database on controller servers.

The certificate used to secure MQIS access on a controller server must be installed separately from any certificates installed for message authentication. However, if properly configured, the same certificate can be used by MSMQ for secure MQIS access, and by Microsoft Internet Information Server (IIS) for secure hypertext transfer protocol (HTTP).

When you use certificates to secure MQIS access, the performance cost in establishing the connection is significant. However, actual MQIS communication is only slightly degraded. So, MSMQ-based applications that frequently establish secure MQIS connections will see greater performance degradation than will MSMQ-based applications that establish few secure MQIS connections but make more MQIS queries.


For more information on MSMQ controller servers and the MQIS database, see "The MSMQ Information Store" in Chapter 1, "Understanding MSMQ."


© 1997 by Microsoft Corporation. All rights reserved.