On 5/10/2021 4:57 PM, Michael Babcock wrote:
I did some testing on our sandbox (I commented out all ciphers except the
one I was interested in and refreshed policy agent) and here’s what I found.
<snip>
The ECDHE ciphers were rejected but the TLS_RSA_WITH_AES_256_CBC_SHA did
work (I didn’t try the TLS_RSA_WITH_AES_128_CBC_SHA cipher).
In spite of what the IBM Support page says, my tests show the following
ciphers enabled on the delivercb-bld.dhe.ibm.com server:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
This was confirmed by an individual that supports the server. The
ciphers mentioned on the IBM Support page are a subset of the ciphers
actually enabled.
https://www.ibm.com/support/pages/node/6417233
I hope this helps. Is anyone still having trouble connecting?
Kurt Quackenbush -- IBM, SMP/E Development
Chuck Norris never uses CHECK when he applies PTFs.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
