Certificate selection

The ordered signature algorithm certificate list is sent to the peer when System SSL/TLS requests a certificate during the handshake. The peer uses the received list to guide the certificate selection process.

The peer should select a certificate that conforms to the list; however, not all implementations and configurations do so. System SSL/TLS treats a received certificate with an undesired signature algorithm as a session error unless optional client authentication is configured. When System SSL/TLS receives a client certificate request and is unable to select a conforming certificate, its behavior depends on the TLS protocol version. With TLSv1.3, System SSL/TLS does not send a client certificate. With TLSv1.2, it sends an available nonconforming RSA or ECDSA certificate, and the peer determines whether this certificate results in a session error. For more information about System SSL/TLS certificate selection logic, see Multiple certificate selection.

System SSL/TLS has the infrastructure to support the following certificate signature algorithms:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • ECDSA_SHA224
  • ECDSA_SHA1
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256
  • RSA_SHA224
  • RSA_SHA1
  • RSA_MD5

Enabled certificate signature algorithms

The System Service Tools (SST) Advanced Analysis command SSLCONFIG identifies the signature algorithms that are enabled for use in certificates on the system. Applications can negotiate secure sessions only with certificates that use the signature algorithms that are listed for SSLCONFIG option supportedSignatureAlgorithmCertificateList.

To determine the current value of the enabled signature algorithm certificate list on the system, use SSLCONFIG option display or the Retrieve TLS Attributes (QsoRtvTLSA) API. If the enabled signature algorithm certificate list must be changed on the system, use SSLCONFIG option supportedSignatureAlgorithmCertificateList to change the value. SSLCONFIG option h displays the help text that describes how to set the signature algorithm certificate list. Only signature algorithm values that are listed in the help text can be added to the list.

Note: The SSLCONFIG supportedSignatureAlgorithmCertificateList setting is reset by installing the Licensed Internal Code (LIC).

Example of setting SHA2 signature algorithms as the supported certificate signature algorithms on the system:

SSLCONFIG -supportedSignatureAlgorithmCertificateList:36,35,34,16,15,14

System SSL/TLS with TCP/IP PTF group level 5 installed has the following list of supported certificate signature algorithms:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • ECDSA_SHA224
  • ECDSA_SHA1
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256
  • RSA_SHA224
  • RSA_SHA1
  • RSA_MD5

Default certificate signature algorithms

When an application does not specify a signature algorithm certificate list, the System SSL/TLS default signature algorithm certificate list is used. Applications use this design to pick up new TLS support without requiring application code changes. The default signature algorithm certificate list has no meaning for applications that explicitly specify the signature algorithm certificate list for the application.

The default signature algorithm certificate list on a system is the intersection of the enabled signature algorithm certificate list and the eligible default signature algorithm certificate list. The eligible default signature algorithm certificate list is configured by using SSLCONFIG option defaultSignatureAlgorithmCertificateList.
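
The intersection rule above, worked through as an added example (not IBM code): it takes the two lists as SSLCONFIG option display would name them and reports the effective default list plus any MD5 or SHA1 entries. Keeping the eligible default list's ordering and treating MD5 and SHA1 as the "older" algorithms are assumptions of this example; the function names are hypothetical.

```python
# Lists copied from this page (TCP/IP PTF group level 5 installed).
ENABLED = [
    "ECDSA_SHA512", "ECDSA_SHA384", "ECDSA_SHA256", "ECDSA_SHA224", "ECDSA_SHA1",
    "RSA_PSS_SHA512", "RSA_PSS_SHA384", "RSA_PSS_SHA256",
    "RSA_SHA512", "RSA_SHA384", "RSA_SHA256", "RSA_SHA224", "RSA_SHA1", "RSA_MD5",
]
# The shipped default list is the same sequence without RSA_MD5.
ELIGIBLE_DEFAULT = ENABLED[:-1]

# Assumption of this example: which hashes to flag as "older".
WEAK_HASHES = {"MD5", "SHA1"}


def effective_default(enabled, eligible_default):
    """Intersection of both lists; ordering follows eligible_default (assumption)."""
    enabled_set = set(enabled)
    return [alg for alg in eligible_default if alg in enabled_set]


def weak(algorithms):
    """Entries whose hash part (text after the last underscore) is MD5 or SHA1."""
    return [alg for alg in algorithms if alg.rsplit("_", 1)[1] in WEAK_HASHES]


def audit(enabled, eligible_default):
    """Summarize what applications without an explicit list will negotiate."""
    default = effective_default(enabled, eligible_default)
    enabled_set = set(enabled)
    return {
        "default": default,
        # Reachable by every application that relies on the system default.
        "weak_in_default": weak(default),
        # Enabled but not default: only applications that ask for them get them.
        "weak_enabled_only": [a for a in weak(enabled) if a not in default],
        # Eligible defaults that have no effect because they are not enabled.
        "ignored_eligible": [a for a in eligible_default if a not in enabled_set],
    }


if __name__ == "__main__":
    for key, value in audit(ENABLED, ELIGIBLE_DEFAULT).items():
        print(f"{key}: {', '.join(value) or '(none)'}")
```

With the shipped lists, the SHA1 entries are part of the system default while RSA_MD5 is enabled only for applications that request it explicitly.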

To determine the current value of the eligible default signature algorithm certificate list on the system, use SSLCONFIG option display or the Retrieve TLS Attributes (QsoRtvTLSA) API.

Consider changing the default signature algorithm certificate settings only when no other configuration setting allows an application to interoperate with peers successfully. It is preferred to enable an older signature algorithm for only the specific application that requires it. When the application has an “application definition,” this enablement is accomplished through the Digital Certificate Manager (DCM).

If the default signature algorithm certificate list must be changed on the system, use SSLCONFIG option defaultSignatureAlgorithmCertificateList to change the value. SSLCONFIG option h displays the help text that describes how to set the signature algorithm certificate list. Only signature algorithm values that are listed in the help text can be added to the list.

Note: The SSLCONFIG defaultSignatureAlgorithmCertificateList setting is reset by installing the Licensed Internal Code (LIC).

Example of setting the ECDSA signature algorithms as the default signature algorithms allowed for certificates on the system:

SSLCONFIG -defaultSignatureAlgorithmCertificateList:36,35,34

The following list shows the order of the shipped default signature algorithm certificate list when TCP/IP PTF group level 5 is installed:
  • ECDSA_SHA512
  • ECDSA_SHA384
  • ECDSA_SHA256
  • ECDSA_SHA224
  • ECDSA_SHA1
  • RSA_PSS_SHA512
  • RSA_PSS_SHA384
  • RSA_PSS_SHA256
  • RSA_SHA512
  • RSA_SHA384
  • RSA_SHA256
  • RSA_SHA224
  • RSA_SHA1