Supported TLS Versions and Algorithm Suites
Use only strong ciphers for your business communications.
TLS 1.2
The following algorithms and cipher suites are supported in IBM® webMethods B2B for TLS 1.2. The table lists all the ciphers and algorithms used for outbound documents:
| Algorithms | Cipher Suites |
|---|---|
| Diffie-Hellman Exchange | TLS_DHE_DSS_WITH_AES_128_CBC_SHA |
| TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA | |
| TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | |
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA | |
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA | |
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | |
| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | |
| ECDHE ECDSA | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
| TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | |
| TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | |
| ECDHE RSA | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | |
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | |
| ECDH ECDSA | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA |
| TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | |
| TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | |
| ECDH RSA | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA |
| TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | |
| TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | |
| TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | |
| EMPTY | TLS_EMPTY_RENEGOTIATION_INFO_SCSV |
| RSA | TLS_RSA_WITH_AES_128_CBC_SHA |
| TLS_RSA_WITH_AES_128_CBC_SHA256 | |
| TLS_RSA_WITH_AES_128_GCM_SHA256 | |
| TLS_RSA_WITH_AES_256_CBC_SHA | |
| TLS_RSA_WITH_AES_256_CBC_SHA256 | |
| TLS_RSA_WITH_AES_256_GCM_SHA384 |
The following table lists all the ciphers and algorithms used for inbound documents:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.3
The following TLS 1.3 algorithms and cipher suites are supported for outbound runtime calls in IBM webMethods B2B.
NOTE IBM webMethods B2B does not support TLS 1.3 for inbound HTTPs communication.
| Cipher Suites |
|---|
| TLS_AES_256_GCM_SHA384 |
| TLS_CHACHA20_POLY1305_SHA256 |
| TLS_AES_128_GCM_SHA256 |
| TLS_AES_128_CCM_8_SHA256 |
| TLS_AES_128_CCM_SHA256 |