The InitialContext translates between the JMSAdmin Connection Factory property SSLCIPHERSUITE and the XMS near-equivalent XMSC_WMQ_SSL_CIPHER_SPEC. A similar translation is necessary if you specify a value for XMSC_WMQ_SSL_CIPHER_SUITE but omit value for XMSC_WMQ_SSL_CIPHER_SPEC.
Table 1 lists the available CipherSpecs and their JSSE CipherSuite equivalents.
CipherSpec | Equivalent JSSE CipherSuite |
---|---|
DES_SHA_EXPORT | SSL_RSA_WITH_DES_CBC_SHA |
DES_SHA_EXPORT1024 | SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA |
FIPS_WITH_3DES_EDE_CBC_SHA | SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA |
FIPS_WITH_DES_CBC_SHA | SSL_RSA_FIPS_WITH_DES_CBC_SHA |
NULL_MD5 | SSL_RSA_WITH_NULL_MD5 |
NULL_SHA | SSL_RSA_WITH_NULL_SHA |
RC2_MD5_EXPORT | SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 |
RC4_56_SHA_EXPORT1024 | SSL_RSA_EXPORT1024_WITH_RC4_56_SHA |
RC4_MD5_EXPORT | SSL_RSA_EXPORT_WITH_RC4_40_MD5 |
RC4_MD5_US | SSL_RSA_WITH_RC4_128_MD5 |
RC4_SHA_US | SSL_RSA_WITH_RC4_128_SHA |
TLS_RSA_WITH_3DES_EDE_CBC_SHA | SSL_RSA_WITH_3DES_EDE_CBC_SHA |
TLS_RSA_WITH_AES_128_CBC_SHA | SSL_RSA_WITH_AES_128_CBC_SHA |
TLS_RSA_WITH_AES_256_CBC_SHA | SSL_RSA_WITH_AES_256_CBC_SHA |
TLS_RSA_WITH_DES_CBC_SHA | SSL_RSA_WITH_DES_CBC_SHA |
TRIPLE_DES_SHA_US | SSL_RSA_WITH_3DES_EDE_CBC_SHA |
If you specify SSL_RSA_WITH_3DES_EDE_CBC_SHA or SSL_RSA_WITH_DES_CBC_SHA for the property XMSC_WMQ_SSL_CIPHER_SUITE, and there is no value for XMSC_WMQ_SSL_CIPHER_SPEC, a value for XMSC_WMQ_SSL_CIPHER_SPEC is chosen according to the following tables.
The values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_3DES_EDE_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property are shown in the following table;
Input: XMSC_WMQ_SSL_FIPSREQUIRED value | Output: XMSC_WMQ_SSL_CIPHER_SPEC chosen |
---|---|
xmsFALSE (that is, MQSSL_FIPS_NO) | TRIPLE_DES_SHA_US |
xmsTRUE (that is, MQSSL_FIPS_YES) | TLS_RSA_WITH_3DES_EDE_CBC_SHA |
The values used for XMSC_WMQ_SSL_CIPHER_SPEC when you specify SSL_RSA_WITH_DES_CBC_SHA for the XMSC_WMQ_SSL_CIPHER_SUITE property are shown in the following table;
Input: XMSC_WMQ_SSL_FIPSREQUIRED value | Output: XMSC_WMQ_SSL_CIPHER_SPEC chosen |
---|---|
xmsFALSE (that is, MQSSL_FIPS_NO) | DES_SHA_EXPORT |
xmsTRUE (that is, MQSSL_FIPS_YES) | TLS_RSA_WITH_DES_CBC_SHA |