Versions Compared

Old Version 1

changes.mady.by.user Shrey Amin

Saved on

compared with

New Version 2

changes.mady.by.user Shrey Amin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
1380785
1380785
Description

Anchor
1380787
1380787
The DATA_SSL_CIPHER_LIST option LIST option specifies one or more SSL/TLS 1.3 specific cipher suites that are acceptable to use for network communications on the data session, which is used for standard I/O file transmission.

Info

This option is specific to TLS 1.3. To configure ciphers for TLS 1.2 and earlier, see the data_ssl_cipher_list option.

Usage

Method

Syntax

IBM i

UNIX

Windows

z/OS

Command Line, Short Form

n/a





Command Line, Long Form

-data_ssl_cipher_list suites cipherlist (tick)


(tick)

(tick)


Environment Variable

UCMDDATASSLCIPHERLIST UCMDDATASSLCIPHERSUITES=cipherlist


(tick)

(tick) (tick)


Configuration File Keyword

data_ssl_cipher_list suites cipherlist


(tick)

(tick) (tick) (tick)STRUCM Parameter DTACPHRLST(cipherlist) (tick)



Note

The option is NOT currently supported on HP-UX

Values

cipherlist is a comma-separated list of SSL/TLS 1.3 specific cipher suites. The following table identifies the list of SSL/TLS cipher suites supported for this optionlist should be ordered with the most preferred suite first and the least preferred suite last.

The list is in default order, with the most preferred suite first and the least preferred suite last. 

Cipher Suite

Description

AES256-GCM-

TLS_AES_256_GCM_SHA384

256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest

.

AES256-SHA

256-bit AES encryption with SHA-1 message digest.

AES128-GCM-SHA256

128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest.

AES128-SHA

128-bit AES encryption with SHA-1 message digest.

ECDHE-RSA-AES256-GCM-SHA384Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, RSA authentication, 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest.ECDHE-ECDSA-AES256-GCM-SHA384Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, ECDSA authentication, 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest.ECDHE-RSA-AES128-GCM-SHA256Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, RSA authentication, 128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest.ECDHE-ECDSA-AES128-GCM-SHA256Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, ECDSA authentication,

TLS_CHACHA20_POLY1305_SHA256

256-bit CHACHA encryption with POLY1305 message authentication, SHA-2 256-bit message digest

TLS_AES_128_GCM_SHA256

128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest

.

RC4-SHA

128-bit RC4 encryption with SHA-1 message digest.

RC4-MD5

128-bit RC4 encryption with MD5 message digest.

DES-CBC3-SHA

128-bit Triple-DES encryption with SHA-1 message digest.

DES-CBC-SHA
                                     

128-bit DES encryption with SHA-1 message digest.
 

Note
titleNote

As of Universal Agent 6.7.0.0, DES-CBC-SHA is supported only on HP-UX.
 
Additionally, any Agents on HP-UX that accept connections from, or attempt connections to, Agents on other platforms must be configured with at least one currently supported cipher suite besides DES-CBC-SHA. Therefore, those HP-UX Agents cannot be configured only with DES-CBC-SHA in their list of cipher suites.

NULL-SHA256

No encryption and SHA-2 256-bit message digest.

NULL-SHA

No encryption and SHA-1 message digest.

NULL-MD5

No encryption and MD5 message digest.

...

titleNote

...