Alternatives for specifying CipherSpecs
This section does not apply to UNIX or Windows systems, because the CipherSpecs are provided with the WebSphere MQ product, so new CipherSpecs do not become available after shipment.
For those platforms where the operating system provides the SSL support, your system might support new CipherSpecs that are not included in Table 1. We can specify a new CipherSpec with the SSLCIPH parameter, but the value you supply depends on your platform. In all cases the specification must correspond to an SSL CipherSpec that is both valid and supported by the version of SSL your system is running.
- i5/OS
- A two-character string representing a hexadecimal value.
For more information about the permitted values, refer to the iSeries™ Information Center at http://publib.boulder.ibm.com/html/as400/infocenter.html (search on cipher_spec).
We can use either the CHGMQMCHL or the CRTMQMCHL command to specify the value, for example:
CRTMQMCHL CHLNAME('channnel name') SSLCIPH('hexadecimal value')We can also use the ALTER QMGR MQSC command to set the SSLCIPH parameter.- z/OS
- A two-character string representing a hexadecimal value. The hexadecimal codes correspond to the SSL protocol values defined at http://home.netscape.com/eng/ssl3/ssl-toc.html
For more information, refer to the description of gsk_environment_open() in the API reference chapter of z/OS System SSL Programming, SC24-5901, where there is a list of all the supported SSL V3 cipher specifications in the form of 2-digit hexadecimal codes.
Parent topic:
Specifying CipherSpecs
sy12890_