Improvements to SSL support

what's new for this release, SSL (Secure Sockets Layer)" /> Improvements to SSL support

Improvements to SSL support

We can now renegotiate a new secret key periodically while a channel is running, and the connection is not interrupted. A secret key is generated from the random text sent as a part of the SSL handshake. If the secret key is in existence for a long period of time it could be discovered, and all data encrypted with the same secret key can be deciphered.
Two additional CipherSpecs have been added: TLS_RSA_WITH_AES_128_CBC_SHA and TLS_RSA_WITH_AES_256_CBC_SHA.
The limitation on the number of AUTHINFO objects that can be used from the SSLCRLNL has been increased from one to ten. This ensures continuity of service if one or more LDAP servers fail.
For information about SSL, see WebSphere MQ Security.