If I'm not mistaken, a new V7R1 PTF from IBM is needed which will add the SHA384 cipher to the list of available ciphers.
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Tuesday, December 20, 2016 2:39 PM
To: Midrange Systems Technical Discussion
Subject: RE: V7R1 is not supported anymore (at least for SSL ciphers)
That's the same two I got. Not a whole lot of information there, eh?
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 12/20/2016 02:31 PM
Subject: RE: V7R1 is not supported anymore (at least for SSL
ciphers)
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>
Rob,
Done that.
My SHA384 search returned 2 PTFs, one which was V7R1.
However, very old (2013) and probably not related.
SI45912 - CCA - CSNDPKX fails with return reason code 8/72 for ECC key
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob
Berendt
Sent: Tuesday, December 20, 2016 2:20 PM
To: Midrange Systems Technical Discussion
Subject: RE: V7R1 is not supported anymore (at least for SSL ciphers)
IDK. You might want to try clicking on the link I posted and try the
search yourself.
Or does your company not allow you to use a browser to search the
internet?
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail
to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
From: "Steinmetz, Paul" <PSteinmetz@xxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'"
<midrange-l@xxxxxxxxxxxx>
Date: 12/20/2016 01:45 PM
Subject: RE: V7R1 is not supported anymore (at least for SSL
ciphers)
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>
Rob,
What was the V7R1 PTF that your SHA384 search revealed?
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob
Berendt
Sent: Tuesday, December 20, 2016 12:26 PM
To: Midrange Systems Technical Discussion
Subject: RE: V7R1 is not supported anymore (at least for SSL ciphers)
First of all, I could only use 50% of those links. The others went to an
IBM "Our apologies" website.
Perhaps that is why Brad asked "Does this fix add newer ciphers?" instead
of stating a fact.
On 7.3 I followed the recommended steps and in there I see:
...
YA ECDHE_RSA_AES_256_CBC_SHA384
...
I do not have access to a 7.1 machine, with or without current PTFs.
I did a search of all PTF cover letters at
http://www-912.ibm.com/a_dir/as4ptf.nsf/as4ptfhome
a search for ECDHE_RSA_AES_256_GCM_SHA384 was futile for all releases.
A search for SHA384 did turn up a 7.1 PTF. No further information was in
there to indicate that it was the right SHA384 cipher.
Rob Berendt
midrange.com
