Cipher suites define the key exchange, data encryption,
and hash algorithms used for an SSL session between a client and server.
Cipher suites define the key exchange, data
encryption, and hash algorithms used for an SSL session between a
client and server. During the SSL handshake, both sides present the
cipher suites that they are able to support and the strongest one
common to both sides is selected. In this way, you can restrict the
cipher suites that a Java client application presents. CICS Transaction
Gateway uses cipher suites provided by the Java runtime environment
for the SSL protocol. The cipher suites available to be used are dependant
on the Java version. See the documentation supplied with your Java
runtime environment for valid cipher suites.
Restricting cipher suites for a Java client application
To
restrict the cipher suites used by a JavaGateway object, use the setProtocolProperties() method
to add the property JavaGateway.SSL_PROP_CIPHER_SUITES to
the properties object passed to it. The value of the property must
contain a comma-separated list of the cipher suites that the application
is restricted to using.
For example:
Properties sslProps = new Properties();
sslProps.setProperty(JavaGateway.SSL_PROP_KEYRING_CLASS, strSSLKeyring);
sslProps.setProperty(JavaGateway.SSL_PROP_KEYRING_PW, strSSLPassword);
sslProps.setProperty(JavaGateway.SSL_PROP_CIPHER_SUITES,
"SSL_RSA_WITH_NULL_SHA");
javaGatewayObject = new JavaGateway(strUrl, iPort, sslProps);