Secure Sockets Layer (SSL) cipher specification list (QSSLCSL)
The Secure Sockets Layer cipher specification list (QSSLCSL) system value determines what cipher specification list will be supported by System SSL.
System SSL uses the sequence of the values in QSSLCSL to order the System SSL default cipher specification list. The default cipher specification list entries are system defined and can be changed on release boundaries. If a default cipher suite is removed from the QSSLCSL system value, it is also removed from the default cipher specification list. The default cipher suite is added back to the default cipher specification list when the cipher suite is added back into the QSSLCSL system value. You cannot add other cipher suites to the default cipher specification list beyond the system defined set for the release. Besides, a cipher suite cannot be added to QSSLCSL if the required SSL protocol value for the cipher suite is not set for the QSSLPCL (SSL protocol list) system value.
The values of the QSSLCSL system value are read-only unless the SSL cipher control (QSSLCSLCTL) system value is set to *USRDFN.
The values allowed for the QSSLCSL system value are as follows:
- *RSA_AES_128_GCM_SHA256
- *RSA_AES_256_GCM_SHA384
- *ECDHE_ECDSA_NULL_SHA
- *ECDHE_ECDSA_RC4_128_SHA
- *ECDHE_ECDSA_3DES_EDE_CBC_SHA
- *ECDHE_RSA_NULL_SHA
- *ECDHE_RSA_RC4_128_SHA
- *ECDHE_RSA_3DES_EDE_CBC_SHA
- *ECDHE_ECDSA_AES_128_CBC_SHA256
- *ECDHE_ECDSA_AES_256_CBC_SHA384
- *ECDHE_RSA_AES_128_CBC_SHA256
- *ECDHE_RSA_AES_256_CBC_SHA384
- *ECDHE_ECDSA_AES_128_GCM_SHA256
- *ECDHE_ECDSA_AES_256_GCM_SHA384
- *ECDHE_RSA_AES_128_GCM_SHA256
- *ECDHE_RSA_AES_256_GCM_SHA384
- *RSA_AES_128_CBC_SHA256
- *RSA_AES_128_CBC_SHA
- *RSA_AES_256_CBC_SHA256
- *RSA_AES_256_CBC_SHA
- *RSA_3DES_EDE_CBC_SHA
- *RSA_RC4_128_SHA
- *RSA_RC4_128_MD5
- *RSA_DES_CBC_SHA
- *RSA_EXPORT_RC2_CBC_40_MD5
- *RSA_EXPORT_RC4_40_MD5
- *RSA_NULL_SHA256
- *RSA_NULL_SHA
- *RSA_NULL_MD5
- *RSA_RC2_CBC_128_MD5
- *RSA_3DES_EDE_CBC_MD5
- *RSA_DES_CBC_MD5
You can refer to the Secure Sockets Layer cipher specification list topic in the System values topic collection for more information about the shipped values.