Alternatives for specifying CipherSpecs

Note:
This section does not apply to UNIX(R) or Windows(R) systems, because the CipherSpecs are provided with the WebSphere MQ product, so new CipherSpecs do not become available after shipment.

For those platforms where the operating system provides the SSL support, your system might support new CipherSpecs that are not included in Table 3. You can specify a new CipherSpec with the SSLCIPH parameter, but the value you supply depends on your platform. In all cases the specification must correspond to an SSL CipherSpec that is both valid and supported by the version of SSL your system is running.

i5/OS(TM)
A two-character string representing a hexadecimal value.

For more information about the permitted values, refer to the iSeries(TM) Information Center at http://publib.boulder.ibm.com/html/as400/infocenter.html

You can use either the CHGMQMCHL or the CRTMQMCHL command to specify the value, for example:

CRTMQMCHL CHLNAME('channnel name') SSLCIPH('hexadecimal value')

You can also use the ALTER QMGR MQSC command to set the SSLCIPH parameter.

z/OS(R)
A two-character string representing a hexadecimal value. The hexadecimal codes correspond to the SSL protocol values defined at http://home.netscape.com/eng/ssl3/ssl-toc.html

For more information, refer to "Chapter 7. API Reference" in the z/OS System SSL Programming book (SC24-5901).

Considerations for WebSphere MQ clusters

With WebSphere MQ clusters you should try to use the CipherSpec names in Table 3. If you use an alternative specification, be aware that the specification might not be valid on other platforms. For more information, refer to the WebSphere MQ Queue Manager Clusters book.