WebSphere WebSphere Business Integration Message Service Clients for C/C++ Version 1.2.7 and .NET Version 1.2.6 Operating Systems: AIX, Linux, Solaris, Windows

CipherSuite and CipherSpec name mappings for connections to a WebSphere MQ queue manager

The InitialContext translates between the JMSAdmin Connection Factory property SSLCIPHERSUITE and the XMS near-equivalent XMSC_WMQ_SSL_CIPHER_SPEC. A similar translation is necessary if you specify a value for XMSC_WMQ_SSL_CIPHER_SUITE but omit value for XMSC_WMQ_SSL_CIPHER_SPEC.

Table 1 lists the available CipherSpecs and their JSSE CipherSuite equivalents.

Table 1. Available CipherSpecs and their JSSE CipherSuite equivalents
CipherSpec Equivalent JSSE CipherSuite
DES_SHA_EXPORT SSL_RSA_WITH_DES_CBC_SHA
DES_SHA_EXPORT1024 SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
FIPS_WITH_3DES_EDE_CBC_SHA SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
FIPS_WITH_DES_CBC_SHA SSL_RSA_FIPS_WITH_DES_CBC_SHA
NULL_MD5 SSL_RSA_WITH_NULL_MD5
NULL_SHA SSL_RSA_WITH_NULL_SHA
RC2_MD5_EXPORT SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
RC4_56_SHA_EXPORT1024 SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
RC4_MD5_EXPORT SSL_RSA_EXPORT_WITH_RC4_40_MD5
RC4_MD5_US SSL_RSA_WITH_RC4_128_MD5
RC4_SHA_US SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA
TRIPLE_DES_SHA_US SSL_RSA_WITH_3DES_EDE_CBC_SHA
Note: A one-to-one mapping for the CipherSuite name SSL_RSA_WITH_3DES_EDE_CBC_SHA or SSL_RSA_WITH_DES_CBC_SHA must account for the setting of the property XMSC_WMQ_SSL_FIPSREQUIRED and apply an heuristic.

If you specify SSL_RSA_WITH_3DES_EDE_CBC_SHA or SSL_RSA_WITH_DES_CBC_SHA for the property XMSC_WMQ_SSL_CIPHER_SUITE, and there is no value for XMSC_WMQ_SSL_CIPHER_SPEC, a value for XMSC_WMQ_SSL_CIPHER_SPEC is chosen according to the following tables.

The values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_3DES_EDE_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property are shown in the following table;

Table 2. Values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_3DES_EDE_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property
Input: XMSC_WMQ_SSL_FIPSREQUIRED value Output: XMSC_WMQ_SSL_CIPHER_SPEC chosen
xmsFALSE (that is, MQSSL_FIPS_NO) TRIPLE_DES_SHA_US
xmsTRUE (that is, MQSSL_FIPS_YES) TLS_RSA_WITH_3DES_EDE_CBC_SHA

The values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_DES_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property are shown in the following table;

Table 3. Values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_DES_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property
Input: XMSC_WMQ_SSL_FIPSREQUIRED value Output: XMSC_WMQ_SSL_CIPHER_SPEC chosen
xmsFALSE (that is, MQSSL_FIPS_NO) DES_SHA_EXPORT
xmsTRUE (that is, MQSSL_FIPS_YES) TLS_RSA_WITH_DES_CBC_SHA

Concept topic

Terms of Use | Rate this page

Last updated: 18 Jun 2008

© Copyright IBM Corporation 2005, 2008. All Rights Reserved.