1.  Home
  2. MIDRANGE-L
  3. March 2020

RE: Anybody have V7R4 up and running?

SSL default changes.

TLS default change from TLSv1.2 to TLSv1.3 would probably break some of our production processes.

The Transport Layer Security version 1.3 protocol (TLSv1.3) is now enabled and used by default for System TLS. TLSv1.3 can be disabled by changing the QSSLPCL system value. If TLSv1.3 must be removed from the default protocol list, use System Service tools Advanced Analysis command TLSCONFIG option eligibleDefaultProtocols to remove the value.

And

The System TLS default signature algorithm certificate list no longer contains ECDSA_SHA224, ECDSA_SHA1, RSA_SHA224, RSA_SHA1, or RSA_MD5 signature algorithms. The enabled signature algorithm certificate list still contains those values.

For applications using the default list, certificates with those signatures will not be allowed. Applications can explicitly set the list if the default list is too restrictive. The most limited way to accomplish this is to use Digital Certificate Manager to change the explicit list for only the specific Application Definition requiring these algorithms.

If one of these algorithms must be added to the default signature algorithm certificate list, use System Service tools Advanced Analysis command TLSCONFIG option defaultSignatureAlgorithmCertificateList to add the value.

Paul

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of James H. H. Lampert
Sent: Thursday, March 12, 2020 12:19 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Anybody have V7R4 up and running?

Are there any "gotchas" with V7R4, that would break existing software?

--
JHHL
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.