All,
Trying to figure out what (older?) cypher we need to turn on our 7.4 box.
Here's what's supported at the server (according to
https://www.ssllabs.com/ssltest)
Cipher Suites
# TLS 1.2 (server has no preference)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK 112
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) WEAK 128
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) WEAK 256
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
Currently enabled via *OPSYS is showing
*AES_128_GCM_SHA256
*AES_256_GCM_SHA384
*CHACHA20_POLY1305_SHA256
*ECDHE_ECDSA_AES_128_GCM_SHA256
*ECDHE_ECDSA_AES_256_GCM_SHA384
*ECDHE_RSA_AES_128_GCM_SHA256
*ECDHE_RSA_AES_256_GCM_SHA384
*ECDHE_ECDSA_CHACHA20_POLY1305_SHA256
*ECDHE_RSA_CHACHA20_POLY1305_SHA256
I would have thought that the remote server's
TLS_RSA_WITH_AES_256_GCM_SHA384 would have match the IBM's
*AES_256_GCM_SHA384 but apparently not?
Thanks!
Charles
As an Amazon Associate we earn from qualifying purchases.