XMSC_WMQ_SSL_CIPHER_SUITE

Data type:

String

Property of:

ConnectionFactory

The name of the CipherSuite to be used on a TLS connection to a queue manager. The protocol used in negotiating the secure connection depends on the specified CipherSuite.

This property has the following canonical values:

• SSL_RSA_WITH_DES_CBC_SHA
• SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
• SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
• SSL_RSA_EXPORT_WITH_RC4_40_MD5
• SSL_RSA_WITH_RC4_128_MD5
• SSL_RSA_WITH_RC4_128_SHA
• SSL_RSA_WITH_3DES_EDE_CBC_SHA
• SSL_RSA_WITH_AES_128_CBC_SHA
• SSL_RSA_WITH_AES_256_CBC_SHA
• SSL_RSA_WITH_DES_CBC_SHA
• SSL_RSA_WITH_3DES_EDE_CBC_SHA

This value can be supplied as an alternative to XMSC_WMQ_SSL_CIPHER_SPEC.

If a non-empty value is specified for XMSC_WMQ_SSL_CIPHER_SPEC, this value overrides the setting for XMSC_WMQ_SSL_CIPHER_SUITE. If XMSC_WMQ_SSL_CIPHER_SPEC does not have a value, the value of XMSC_WMQ_SSL_CIPHER_SUITE is used as the cipher suite to be given to GSKit. In this case, the value is mapped on to the equivalent CipherSpec value, as described in CipherSuite and CipherSpec name mappings for XMS connections to an IBM MQ queue manager.

If both XMSC_WMQ_SSL_CIPHER_SPEC and XMSC_WMQ_SSL_CIPHER_SUITE are empty, the field pChDef->SSLCipherSpec is filled with spaces.

For .NET only: From IBM MQ Version 8.0, managed connections to IBM MQ (WMQ_CM_CLIENT) and unmanaged connections to IBM MQ (WMQ_CM_CLIENT_UNMANAGED) both support TLS/SSL connections.

By default, the property is not set.

Related information

• SSL and TLS support for the unmanaged .NET client
• SSL and TLS support for the managed .NET client