SSL/TLS CipherSpecs and CipherSuites in IBM MQ classes for JMS

The ability of IBM® MQ classes for JMS applications to establish connections to a queue manager, depends on the CipherSpec specified at the server end of the MQI channel and the CipherSuite specified at the client end.

The following table lists the CipherSpecs supported by IBM MQ and their equivalent CipherSuites.

You should review the topic Deprecated CipherSpecs to see if any of the CipherSpecs, listed in the following table, have been deprecated by IBM MQ and, if so, at which update the CipherSpec was deprecated.

Important: The CipherSuites listed are those supported by the IBM Java Runtime Environment (JRE) supplied with IBM MQ. From IBM MQ 8.0.0, Fix Pack 2, the CipherSuites that are listed include those supported by the Oracle Java JRE. For more information about configuring your application to use an Oracle Java JRE, see Configuring your application to use IBM Java or Oracle Java CipherSuite mappings.
The table also indicates the protocol (SSL or a particular version of TLS) that is used for the communication, and whether or not the CipherSuite conforms to the FIPS 140-2 standard.
Note: On UNIX, Linux®, and Windows, IBM MQ provides FIPS 140-2 compliance through the IBM Crypto for C (ICC) cryptographic module. The certificate for this module has been moved to the Historical status. Customers should view the IBM Crypto for C (ICC) certificate and be aware of any advice provided by NIST. A replacement FIPS 140-3 module is currently in progress and its status can be viewed by searching for it in the NIST CMVP modules in process list.
From IBM MQ 8.0.0, Fix Pack 2, the SSLv3 protocol and the use of some IBM MQ CipherSpecs is deprecated. For more information, see Deprecated CipherSpecs.

Ciphersuites denoted as FIPS 140-2 compliant can be used if the application has not been configured to enforce FIPS 140-2 compliance, but if FIPS 140-2 compliance has been configured for the application (see the following notes on configuration) only those CipherSuites which are marked as FIPS 140-2 compatible can be configured; attempting to use other CipherSuites results in an error.

Note: Each JRE can have multiple cryptographic security providers, each of which can contribute an implementation of the same CipherSuite. However, not all security providers are FIPS 140-2 certified. If FIPS 140-2 compliance is not enforced for an application then it is possible that an uncertified implementation of the CipherSuite might be used. Uncertified implementations might not operate in compliance with FIPS 140-2, even if the CipherSuite theoretically meets the minimum security level required by the standard. See the following notes for more information about configuring FIPS 140-2 enforcement in IBM MQ JMS applications.

For more information about FIPS 140-2 and Suite-B compliance for CipherSpecs and CipherSuites, see Specifying CipherSpecs. You might also need to be aware of information that concerns US Federal Information Processing Standards.

To use the full set of CipherSuites and to operate with certified FIPS 140-2 and/or Suite-B compliance, a suitable JRE is required. IBM Java 7 Service Refresh 4 Fix Pack 2 or a higher level of IBM JRE provides the appropriate support.

Note: To use some CipherSuites, the 'unrestricted' policy files need to be configured in the JRE. For more details of how policy files are set up in an SDK or JRE, see the IBM SDK Policy files topic in the Security Reference for IBM SDK, Java Technology Edition, Version 7.
Table 1. CipherSpecs supported by IBM MQ and the equivalent CipherSuites
CipherSpec Equivalent CipherSuite (IBM JRE) Equivalent CipherSuite (Oracle JRE) Protocol FIPS 140-2 compatible
ECDHE_ECDSA_3DES_EDE_CBC_SHA256 SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA TLSv1.2 yes
ECDHE_ECDSA_AES_128_CBC_SHA256 SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLSv1.2 yes
ECDHE_ECDSA_AES_128_GCM_SHA256 SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLSv1.2 yes
ECDHE_ECDSA_AES_256_CBC_SHA384 SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLSv1.2 yes
ECDHE_ECDSA_AES_256_GCM_SHA384 SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLSv1.2 yes
ECDHE_ECDSA_NULL_SHA256 SSL_ECDHE_ECDSA_WITH_NULL_SHA TLS_ECDHE_ECDSA_WITH_NULL_SHA TLSv1.2 no
ECDHE_ECDSA_RC4_128_SHA256 SSL_ECDHE_ECDSA_WITH_RC4_128_SHA TLS_ECDHE_ECDSA_WITH_RC4_128_SHA TLSv1.2 no
ECDHE_RSA_3DES_EDE_CBC_SHA256 SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLSv1.2 yes
ECDHE_RSA_AES_128_CBC_SHA256 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLSv1.2 yes
ECDHE_RSA_AES_128_GCM_SHA256 SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLSv1.2 yes
ECDHE_RSA_AES_256_CBC_SHA384 SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLSv1.2 yes
ECDHE_RSA_AES_256_GCM_SHA384 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLSv1.2 yes
ECDHE_RSA_NULL_SHA256 SSL_ECDHE_RSA_WITH_NULL_SHA TLS_ECDHE_RSA_WITH_NULL_SHA TLSv1.2 no
ECDHE_RSA_RC4_128_SHA256 SSL_ECDHE_RSA_WITH_RC4_128_SHA TLS_ECDHE_RSA_WITH_RC4_128_SHA TLSv1.2 no
RC4_MD5_EXPORT SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSLv3 no
FIPS_WITH_3DES_EDE_CBC_SHA SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA   SSLv3 no 1
FIPS_WITH_DES_CBC_SHA SSL_RSA_FIPS_WITH_DES_CBC_SHA   SSLv3 no 1
TLS_RSA_WITH_3DES_EDE_CBC_SHA 1 SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA TLSv1 yes
TLS_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLSv1 yes
TLS_RSA_WITH_AES_128_CBC_SHA256 SSL_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLSv1.2 yes
TLS_RSA_WITH_AES_128_GCM_SHA256 SSL_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLSv1.2 yes
TLS_RSA_WITH_AES_256_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLSv1 yes
TLS_RSA_WITH_AES_256_CBC_SHA256 SSL_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLSv1.2 yes
TLS_RSA_WITH_AES_256_GCM_SHA384 SSL_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_GCM_SHA384 TLSv1.2 yes
TLS_RSA_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA TLSv1 no
NULL_MD5 SSL_RSA_WITH_NULL_MD5 SSL_RSA_WITH_NULL_MD5 SSLv3 no
NULL_SHA SSL_RSA_WITH_NULL_SHA SSL_RSA_WITH_NULL_SHA SSLv3 no
TLS_RSA_WITH_NULL_SHA256 SSL_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA256 TLSv1.2 no
RC4_MD5_US SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_MD5 SSLv3 no
TLS_RSA_WITH_RC4_128_SHA256 SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_SHA TLSv1.2 no
Note:
  1. This CipherSpec TLS_RSA_WITH_3DES_EDE_CBC_SHA is deprecated. However, it can still be used to transfer up to 32 GB of data before the connection is terminated with error AMQ9288. To avoid this error, you need to either avoid using triple DES, or enable secret key reset when using this CipherSpec.
  2. The names of these CipherSuites are historical and reflect the fact that they were previously FIPS-compliant. They are no longer FIPS-compliant and use of these CipherSuites is deprecated.
  3. The following CipherSuite is no longer supported:
    • SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
    Any attempt to use this CipherSuite and its corresponding IBM MQ CipherSpec RC2_MD5_EXPORT will fail with an appropriate exception. Installations that use this CipherSuite/CipherSpec combination should move to a supported combination.

Configuring your application to use IBM Java or Oracle Java CipherSuite mappings

From IBM MQ 8.0.0, Fix Pack 2, you can configure whether your application uses the default IBM Java CipherSuite to IBM MQ CipherSpec mappings, or the Oracle CipherSuite to IBM MQ CipherSpec mappings. Therefore, you can use TLS CipherSuites whether your application uses an IBM JRE or an Oracle JRE. The Java System Property com.ibm.mq.cfg.useIBMCipherMappings controls which mappings are used. The property can be one of the following values:
true
Use the IBM Java CipherSuite to IBM MQ CipherSpec mappings.
This value is the default value.
false
Use the Oracle CipherSuite to IBM MQ CipherSpec mappings.

For more information about using IBM MQ Java and TLS Ciphers, see the MQdev blog post MQ Java, TLS Ciphers, Non-IBM JREs & APARs IT06775, IV66840, IT09423, IT10837.

Configuring SSL Ciphersuites and FIPS-compliance in an IBM MQ classes for JMS application

  • An application that uses IBM MQ classes for JMS can use either of two methods to set the SSL CipherSuite for a connection:
    • Call the setSSLCipherSuite method of a ConnectionFactory object.
    • Use the IBM MQ JMS administration tool to set the SSLCIPHERSUITE property of a ConnectionFactory object.
  • An application that uses IBM MQ classes for JMS can use either of two methods to enforce FIPS 140-2 compliance:
    • Call the setSSLFipsRequired method of a ConnectionFactory object.
    • Use the IBM MQ JMS administration tool to set the SSLFIPSREQUIRED property of a ConnectionFactory object.

Interoperability limitations

Certain CipherSuites might be compatible with more than one IBM MQ CipherSpec, depending on the protocol in use; SSLv3 or a specific version of TLS. However, only the CipherSuite/CipherSpec combination that uses the TLS version specified in Table 1 is supported. Attempting to use the unsupported combinations of CipherSuites and CipherSpecs will fail with an appropriate exception. Installations using any of these CipherSuite/CipherSpec combinations should move to a supported combination.

The following table shows the CipherSuites to which this limitation applies.

Table 2. CipherSuites and their supported and unsupported CipherSpecs
CipherSuite Supported TLS CipherSpec Unsupported SSL CipherSpec
SSL_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA 1 TRIPLE_DES_SHA_US
SSL_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA DES_SHA_EXPORT
SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_SHA256 RC4_SHA_US
Note:
  1. This CipherSpec TLS_RSA_WITH_3DES_EDE_CBC_SHA is deprecated. However, it can still be used to transfer up to 32 GB of data before the connection is terminated with error AMQ9288. To avoid this error, you need to either avoid using triple DES, or enable secret key reset when using this CipherSpec.