|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
 |
|
MQ explorer 9.3.3.1 : missing TLS 1.2 ciphers |
« View previous topic :: View next topic » |
Author |
Message
|
Nico0673 |
Posted: Fri Sep 08, 2023 7:39 am Post subject: MQ explorer 9.3.3.1 : missing TLS 1.2 ciphers |
|
|
Newbie
Joined: 08 Sep 2023 Posts: 2
|
Hello all,
I just upgraded my version of MQ Explorer on windows Server 2016 from 9.3.2.0 to 9.3.3.1 according to the last IBM Security Bulletin, and I was very surprised to see that now, no more TLS 1.2 ciphers are present in the list of SSL CipherSpecs !
I searched since some time how it was possible but didn't find anything...
Only TLS 1.3 Ciphers are now available...
Is someone had this issue and can you help me to remediate to that ?
Is there a tip, or a specific config to activate somewhere to have again all TLS1.2 available again in the list ?
Thanks !! |
|
Back to top |
|
 |
exerk |
Posted: Fri Sep 08, 2023 11:49 am Post subject: |
|
|
 Jedi Council
Joined: 02 Nov 2006 Posts: 6339
|
There are various pages within the Knowledge Centre that deal with TLS Cipher Specifications for various applications types, but the Enabling CipherSpecs page should be your starting point. _________________ It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
Back to top |
|
 |
Nico0673 |
Posted: Fri Sep 08, 2023 12:46 pm Post subject: |
|
|
Newbie
Joined: 08 Sep 2023 Posts: 2
|
exerk wrote: |
There are various pages within the Knowledge Centre that deal with TLS Cipher Specifications for various applications types, but the Enabling CipherSpecs page should be your starting point. |
Hello
Thanks I already see that, but the issue here is that in version 9.3.2.0 of MQ explorer when you go in the section "IBM MQ > Preferences > Client Connections > SSL Options" and in drop-downlist "CipherSpec" you see all TLS 1.2 and TLS 1.3 available Ciphers.
in version 9.3.3.1, you see at the same location only TLS 1.3 Ciphers in the drop-down list...
It is a real problem here, and I don't see anywhere where it may have an action to do to see again TLS 1.2 Ciphers...
I thought it was a link with IBM JRE / java embedded, but it is not the case as in Java 8, both protocols TLS 1.2 and 1.3 are activated ...
Big question is : "Why in version 9.3.3.1 of MQExp, we cannot choose anymore TLS 1.2 Ciphers to configure a client connection to a remote Queue Manager" ? |
|
Back to top |
|
 |
|
|
 |
|
Page 1 of 1 |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|
|
|