Deprecated CipherSpecs
A list of deprecated CipherSpecs that you are able to use with IBM® MQ if necessary.
Note: On UNIX, Linux®, and Windows, IBM MQ provides FIPS 140-2 compliance through the IBM Crypto for C (ICC) cryptographic module. The certificate for this
module has been moved to the Historical status. Customers should view the IBM Crypto for C (ICC) certificate
and be aware of any advice provided by NIST. A replacement FIPS 140-3 module is
currently in progress and its status can be viewed by searching for it in the NIST CMVP modules in process list.
See CipherSpec values supported in IBM MQ for more information on how you can enable deprecated CipherSpecs.
Deprecated CipherSpecs that you can use with IBM MQ TLS and SSL support are listed in the following table.
Platform support 1 | CipherSpec name | Protocol used | Data integrity | Encryption algorithm | Encryption bits | FIPS 2 | Suite B | Update when deprecated |
---|---|---|---|---|---|---|---|---|
AES_SHA_US
|
SSL 3.0 | SHA-1 | AES | 128 | No | No | 8.0.0.2 | |
All | DES_SHA_EXPORT 3
8 |
SSL 3.0 | SHA-1 | DES | 56 | No | No | 8.0.0.2 |
DES_SHA_EXPORT1024 4
|
SSL 3.0 | SHA-1 | DES | 56 | No | No | 8.0.0.2 | |
FIPS_WITH_DES_CBC_SHA
|
SSL 3.0 | SHA-1 | DES | 56 | No6 | No | 8.0.0.2 | |
FIPS_WITH_3DES_EDE_CBC_SHA
|
SSL 3.0 | SHA-1 | 3DES | 168 | No7 | No | 8.0.0.6 | |
All | NULL_MD5
|
SSL 3.0 | MD5 | None | 0 | No | No | 8.0.0.2 |
All | NULL_SHA
|
SSL 3.0 | SHA-1 | None | 0 | No | No | 8.0.0.2 |
All | RC2_MD5_EXPORT 3
8 |
SSL 3.0 | MD5 | RC2 | 40 | No | No | 8.0.0.3 |
All | RC4_MD5_EXPORT 3
|
SSL 3.0 | MD5 | RC4 | 40 | No | No | 8.0.0.3 |
All | RC4_MD5_US
|
SSL 3.0 | MD5 | RC4 | 128 | No | No | 8.0.0.3 |
All | RC4_SHA_US
8 |
SSL 3.0 | SHA-1 | RC4 | 128 | No | No | 8.0.0.3 |
RC4_56_SHA_EXPORT1024 4
|
SSL 3.0 | SHA-1 | RC4 | 56 | No | No | 8.0.0.3 | |
All | TRIPLE_DES_SHA_US
8 |
SSL 3.0 | SHA-1 | 3DES | 168 | No | No | 8.0.0.6 |
TLS_RSA_EXPORT_WITH_RC2_40_MD5
|
TLS 1.0 | MD5 | RC2 | 40 | No | No | 8.0.0.3 | |
TLS_RSA_EXPORT_WITH_RC4_40_MD5 3
|
TLS 1.0 | MD5 | RC4 | 40 | No | No | 8.0.0.3 | |
All | TLS_RSA_WITH_DES_CBC_SHA
|
TLS 1.0 | SHA-1 | DES | 56 | No5 | No | 8.0.0.2 |
TLS_RSA_WITH_NULL_MD5
|
TLS 1.0 | MD5 | None | 0 | No | No | 8.0.0.2 | |
TLS_RSA_WITH_NULL_SHA
|
TLS 1.0 | SHA-1 | None | 0 | No | No | 8.0.0.2 | |
TLS_RSA_WITH_RC4_128_MD5
|
TLS 1.0 | MD5 | RC4 | 128 | No | No | 8.0.0.3 | |
ECDHE_ECDSA_NULL_SHA256
|
TLS 1.2 | SHA-1 | None | 0 | No | No | 8.0.0.2 | |
ECDHE_ECDSA_RC4_128_SHA256
|
TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 8.0.0.3 | |
ECDHE_RSA_NULL_SHA256
|
TLS 1.2 | SHA-1 | None | 0 | No | No | 8.0.0.2 | |
ECDHE_RSA_RC4_128_SHA256
|
TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 8.0.0.3 | |
TLS_RSA_WITH_NULL_NULL
|
TLS 1.2 | None | None | 0 | No | No | 8.0.0.2 | |
All | TLS_RSA_WITH_NULL_SHA256
|
TLS 1.2 | SHA-256 | None | 0 | No | No | 8.0.0.3 |
TLS_RSA_WITH_RC4_128_SHA256
|
TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 8.0.0.3 | |
All | TLS_RSA_WITH_3DES_EDE_CBC_SHA9 |
TLS 1.0 | SHA-1 | 3DES | 168 | Yes | No | 8.0.0.6 |
ECDHE_ECDSA_3DES_EDE_CBC_SHA2569 |
TLS 1.2 | SHA-1 | 3DES | 168 | Yes | No | 8.0.0.6 | |
ECDHE_RSA_3DES_EDE_CBC_SHA2569 |
TLS 1.2 | SHA-1 | 3DES | 168 | Yes | No | 8.0.0.6 | |
Notes:
|