|
How common is it that one has to add ciphers that are obsolete (in this
case AES_256_CBC)? The vendor is not a giant but not tiny either. Have not
said whether they will upgrade or not (sent to their DevOps..).
Their test site according to Chrome is TLS 1.2 AES 128 GCM and their prod
site TLS 1.3 AES 256 GCM (even though their tech said they were the same),
but need to get a token from another server and that is the obsolete cipher
TLS 1.2 AES_256_CBC. Our single system at V7R5 and latest cume and groups
thru mid december.
SSL sysvals are *OPSYS and QSSLCSL lists the 9 that match up with TLS 1.2
and 1.3 per
https://www.ibm.com/support/pages/configuring-your-ibm-i-system-secure-sockets-layer-ssltransport-layer-security-tls-protocols-and-cipher-suites
Using GETURI - Test works great, Prod get token throws RC 406 since 1st
attempt.
Jim Franz
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
