Hi Brad,
Thank you for your response.
But I think my problem is that while I can use TLSv1.1 and TLSv1.2 at 7.1,
I don't have a compatible cypher at 7.1 ?
So at the moment on 7.1 I have the following cyphers available to me;
*RSA_AES_128_CBC_SHA256
*RSA_AES_128_CBC_SHA
*RSA_RC4_128_SHA
*RSA_RC4_128_MD5
*RSA_AES_256_CBC_SHA256
*RSA_AES_256_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
*RSA_DES_CBC_SHA
*RSA_EXPORT_RC4_40_MD5
*RSA_EXPORT_RC2_CBC_40_MD5
*RSA_NULL_SHA256
*RSA_NULL_SHA
*RSA_NULL_MD5
And the Gateway requires;
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-RSA-AES256-SHA384:
ECDHE-RSA-AES256-CBC-SHA:
ECDHE-RSA-AES128-SHA256:
ECDHE-RSA-AES128-CBC-SHA
AES256-GCM-SHA384:
AES128-GCM-SHA256:
So my problem is not the support of TLS version but the lack of a
compatible cypher at 7.1
Would anyone be able to confirm this and I am not missing something ?
Thank you for your assistance
From: Bradley Stone <bvstone@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 18/08/2016 11:41 PM
Subject: Re: (GSKit) No compatible cipher suite available between
SSL end points.
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>
Don,
The instructions are to disable everything except TLS v1.1 and v1.2. Your
gateway says that's all it will use from now on (as will most
institutions)
V7R1 seems like it's still broken for SSL.. that's too bad. I said this
before, but I wonder if Scott has a flag in his HTTPAPI that allows you to
set the SSL/TLS version within it instead of using the system values which
don't seem to work on V7R1. I added this feature to GETURI a while back
when these issues started popping up and it worked like a charm without
the
need for PTFs.
Brad
www.bvstools.com
On Thu, Aug 18, 2016 at 8:19 AM, Don Brown <DBrown@xxxxxxxxxx> wrote:
Thanks Paul,
That may enable TLS1.1 and TLS1.2 but it will not provide a compatible
cypher for my gateway connection ?
Unless there is something I am missing in your reply ?
Thanks
Don Brown
As an Amazon Associate we earn from qualifying purchases.