+

Search Tips | Advanced Search

CipherSpec mismatches

Both ends of an IBM MQ TLS channel must use the same CipherSpec. Mismatches can be detected during the TLS handshake or during channel startup.

A CipherSpec identifies the combination of the encryption algorithm and hash function. Both ends of an IBM MQ TLS channel must use the same CipherSpec, although they can specify that CipherSpec in a different manner. Mismatches can be detected at two stages:

TLS servers do not detect mismatches when an TLS client channel on UNIX, Linux or Windows systems specifies the DES_SHA_EXPORT1024 CipherSpec, and the corresponding TLS server channel on UNIX, Linux or Windows systems is using the DES_SHA_EXPORT CipherSpec. In this case, the channel runs normally.