IBM Support

SSL and TLS Cipher Specification Deprecations for the MQ Product

Technical Blog Post


Abstract

SSL and TLS Cipher Specification Deprecations for the MQ Product

Body

 

Due to the recent security vulnerabilities (for example, POODLE Attack), the latest MQ product Fix Packs come with stricter, default security requirements that affect the use of the compromised Secure Socket Layer (SSL) and Weak Transport Level Security (TLS) Cipher Specifications. Since these Cipher Specification deprecations are disabled in MQ Fix Packs by default, below are the changes separated by MQ versions and Fix Pack levels.

 

I. The following WebSphere MQ product versions/fixpacks DO NOT restrict any SSL or TLS Cipher Specification as referenced in the "Specifying CipherSpecs" / "Enabling CipherSpecs" section(s) of the product documentation:

A. MQ V7.0.0.0 – MQ V7.0.1.12 - Specifying CipherSpecs

B. MQ V7.1.0.0 – MQ V7.1.0.6 - Specifying CipherSpecs

C. MQ V7.5.0.0 – MQ V7.5.0.4 - Specifying CipherSpecs

D. MQ V8.0.0.0 – MQ V8.0.0.1 - Enabling CipherSpecs

 

II. The following WebSphere MQ product versions/fixpacks, deprecates (disables) all SSL Cipher Specifications.

NOTE: This restriction will not allow channels to run if configured with SSL Cipher Specifications.

APAR IV73396 deprecates SSL Cipher Specifications at the following code levels:

     - MQ V7.0.1.13*
     - MQ V7.1.0.7*
     - MQ V7.5.0.5
     - MQ V7.5.0.6

*NOTE: The following information DOES NOT apply to MQ V7.0.1.13 or V7.1.0.7 although the SSL Cipher Specifications have been disabled at said code levels. Please refer to the next section for details regarding environment variables, qm.ini settings, and error messages.

In order to re-enable and use SSL Cipher Specifications an environment variable or qm.ini property will be required and the queue manager will be need to be restarted.

Set the environment variable "AMQ_SSL_V3_ENABLE=Y" or modify the queue manager configuration file, qm.ini with the following stanza and attribute:

SSL:
AllowSSLV3=Y

If the SSLv3.0 environment variable or the qm.ini configuration file has not been configured and a channel was modified with an SSL Cipher Specification, the following error message will be reported in the queue manager error logs:

     Using the MQSC utility, runmqsc:

     AMQ9635: Channel 'MQ75.MQ7502' did not specify a valid CipherSpec.


NOTE: All TLS Cipher Specifications are still enabled by default.

 

III. The following WebSphere MQ product versions/fixpacks, deprecates (disables) all SSL Cipher Specifications and Weak TLS Cipher Specifications.

NOTE: This restriction will not allow channels to run if configured with SSL Cipher Specifications or Weak TLS Cipher Specifications.

A. APAR IV73396 deprecates SSL Cipher Specifications at the following code levels:

     - MQ V7.0.1.13
     - MQ V7.1.0.7
     - MQ V7.5.0.5

B. APAR IV73287 deprecates Weak TLS Cipher Specifications at the following code levels:

     - MQ V7.0.1.13
     - MQ V7.1.0.7
     - MQ V7.5.0.6

 

NOTES:

  • In order to re-enable and use SSL Cipher Specifications two environment variables or qm.ini properties and a restart of the queue manager will be required.

    Set the environment variables AMQ_SSL_V3_ENABLE=Y and AMQ_SSL_WEAK_CIPHER_ENABLE=Y or modify the queue manager configuration file, qm.ini with the following stanza and attributes:

        SSL:
        AllowSSLV3=Y
        AllowWeakCipherSpec=Y
     
  • If you only want to re-enable and use Weak TLS Cipher Specifications, only one of either the environment variable or qm.ini property setting, and a restart of the queue manager is required.

        AMQ_SSL_WEAK_CIPHER_ENABLE=Y

        or

        SSL:
        AllowWeakCipherSpec=Y
     
  • If both variables or qm.ini properties for SSLv3.0 CipherSpecs are not set and the channel was configured with an SSL Cipher Spec, the following error will be written to the queue manager error log when the channel attempts to start:

        AMQ9635: Channel 'ChannelName' did not specify a valid CipherSpec.
     
  • For SSLv3.0 CipherSpecs, if you only set the variable AMQ_SSL_V3_ENABLE=Y or the qm.ini SSL stanza with the property AllowSSLV3=Y, and the channel was configured with an SSL CipherSpec, the following error will be written to the queue manager error log:

        AMQ9620: Internal error on call to SSL function on channel 'MQ71.MQ71_2' to host 'hostname(port)'.
        An error indicating a software problem was returned from a function which is used to provide SSL or TLS support. The error code returned was '702'.
        The function call was 'gsk_attribute_set_buff - GSK_V3_CIPHER_SPECS_EX - cciSslSetCipherSpecs'.

    The error message is due to APAR IV83471.
     
  • For SSLv3.0 CipherSpecs, if you only set the variable AMQ_SSL_WEAK_CIPHER_ENABLE=Y or add the qm.ini SSL stanza with AllowWeakCipherSpec=Y and the channel was configured with an SSL Cipher Spec, the following error will be written to the queue manager error log:

        AMQ9635: Channel 'ChannelName' did not specify a valid CipherSpec.
     
  • For weak TLS CipherSpecs, if you do not set the variable AMQ_SSL_WEAK_CIPHER_ENABLE=Y or add the qm.ini SSL stanza with AllowWeakCipherSpec=Y and the channel was configured with a weak TLS Cipher Spec, the following error will be written to the queue manager error log:

        AMQ9788: The channel 'ChannelName' specified a weak or broken CipherSpec.

 

IV. With the release of the IBM MQ V8.0.0.2, the SSL Cipher Specifications are deprecated (disabled) but all TLS Cipher Specifications are enabled.

In order to enable an SSL Cipher Specification the following environment variable or qm.ini setting is required.

Set the environment variable AMQ_SSL_V3_ENABLE=Y or modify the queue manager configuration file qm.ini with the following stanza and attribute:

    SSL:
    AllowSSLV3=Y


If the SSLv3.0 environment variable or qm.ini configuration file has not been configured and a channel was modified with an SSL Cipher Specification, the following warning messages will be incurred. However, no error message will be written to the queue manager error log.

    Using the MQSC utility, runmqsc:

    alter chl(MQ8.MQ8_2) chltype(sdr) sslciph(TRIPLE_DES_SHA_US)
         2 : alter chl(MQ8.MQ8_2) chltype(sdr) sslciph(TRIPLE_DES_SHA_US)

    AMQ8242: SSLCIPH definition wrong.

    Using the MQ Explorer the following warning message is reported:

image
(click image to enlarge)

 

 

V. With the release IBM MQ V8.0.0.3, SSL and weak TLS Cipher Specifications continue to be deprecated (disabled), as in the prior versions mentioned above, but now weak Cipher Specifications require a new value. This change is for both SSL and weak TLS Cipher Specifications.

    AMQ_SSL_WEAK_CIPHER_ENABLE=Value

    or

    SSL:
    AllowWeakCipherSpec=Value

    The accepted values for the environment variable or queue manager configuration setting is as follows:

        - A single SSL or Weak TLS Cipher Specification Name.    
        - A string of SSL or Weak TLS Cipher Specification names delimited by commas.
        - The value of "ALL" to enable all SSL and all weak TLS Cipher Specifications.


To illustrate the functional change, I have two example configurations: one using an SSL Cipher Specification and the other configuring a TLS Cipher Specification.

 

  • Secure Socket Layer (SSL)

    At Fix Pack 8.0.0.3, enabling SSL Cipher Specifications requires the combination of two environment variables or queue manager configuration file settings.
    For example, if you want to configure the SSL Cipher Specification RC4_MD5_US for a given channel, in order for this Cipher Specification to be used successfully one is required to set the following:

    Environment Variables:
    AMQ_SSL_V3_ENABLE=Y
    AMQ_SSL_WEAK_CIPHER_ENABLE=RC4_MD5_US

    or

    Queue Manager configuration file (qm.ini):
    SSL:
    AllowSSLV3=Y
    AllowWeakCipherSpec=RC4_MD5_US

    The variable or qm.ini attribute will allow the Cipher Specification, RC4_MD5_US, to be recognized and successfully used. In addition, if the Cipher Specification, RC4_MD5_US, is part of a string of Cipher Specifications or the 'ALL' value is configured, the channel will run successfully.

    NOTE: The above assumes a proper SSL configuration (for example, key databases, certificates, label, etc.).


    To warn users of these new changes, a check has been put into place when defining or modifying an SSL Cipher Specification on MQ channels. For example, if the environment variable to enable SSL Cipher Specifications (AMQ_SSL_V3_ENABLE or AllowSSLV3) is not set, the following warning messages will be incurred when using the runmqsc shell or the MQ Explorer respectively.

    runmqsc QMName
    5724-H72 (C) Copyright IBM Corp. 1994, 2014.
    Starting MQSC for queue manager 'QMName'.
    alter chl(ChannelName) chltype(sdr) sslciph(RC4_MD5_US)
        1 : alter chl(ChannelName) chltype(sdr) sslciph(RC4_MD5_US)

    AMQ8242: SSLCIPH definition wrong.

    Using the MQ Explorer the following warning message is reported:

    image
    (click image to enlarge)

    If you inadvertently apply the modification using the MQ Explorer, the following error message is reported:

    image
    (click image to enlarge)

    NOTE: No error messages will be logged to the queue manager error log.

    Furthermore, if ONLY the 'AMQ_SSL_V3_ENABLE' variable is set or the 'AllowSSLV3' property under the SSL stanza, the channel will be able to be configured with an SSL Cipher Specification.  However, when the channel is started the following error message is written to the queue manager error logs and the channel will not go into a running state.

    AMQ9674: The channel 'ChannelName' specified a weak or broken CipherSpec.

     
  • Transport Layer Security (TLS)

    Enabling a weak TLS Cipher Specification requires setting one environment variable 'AMQ_SSL_WEAK_CIPHER_ENABLE' or queue manager configuration file setting, 'AllowWeakCipherSpec'. If you will be configuring the use of both SSL and TLS Cipher Specs, then both environment variables or queue manager configuration settings will need to be set as documented under the SSL section above.

    For example to enable a weak TLS Cipher Specification, TLS_RSA_WITH_NULL_NULL, the following would be set.

    Environment Variable:
    AMQ_SSL_WEAK_CIPHER_ENABLE=TLS_RSA_WITH_NULL_NULL

    or

    Queue Manager configuration file (qm.ini):
    SSL:
    AllowWeakCipherSpec= TLS_RSA_WITH_NULL_NULL


    If the environment variable or the queue manager configuration file has not been set to enable weak TLS Cipher Specs and a channel is configured with a weak TLS CipherSpec the following warning message will appear in the MQ Explorer but the Cipher Specification can be applied.

    image
    (click image to enlarge)

    NOTE: If the modification was performed using the runmqsc utility, no warning message will be displayed and the channel modification will be applied.

    However, after configuring the channel with a weak TLS CipherSpec, the channel is started, the following MQ error message will be written to the queue manager error log:

    AMQ9674: The channel 'MQ8.MQ8_2' specified a weak or broken CipherSpec.
     

 

VI. Deprecated (disabled) SSL Cipher Specifications and Weak TLS Cipher Specifications.

NOTE: These are the Cipher Specifications that REQUIRE the environment variables or qm.ini setting discussed previously, in order to use them for encrypted communications.

Below is a list of deprecated (disabled) Cipher Specifications categorized by the protocol, the version, and applicable Operating System. Details concerning deprecated Cipher Specifications can be found in product documentation section "Deprecated CipherSpecs."

SSL V3
All CipherSpecs are disabled by default

TLS 1.0
Cipher Specification                Operating System
TLS_RSA_EXPORT_WITH_RC2_40_MD5      IBMi
TLS_RSA_EXPORT_WITH_RC4_40_MD5      IBMi
TLS_RSA_WITH_DES_CBC_SHA            All Platforms
TLS_RSA_WITH_NULL_MD5               IBMi
TLS_RSA_WITH_NULL_SHA               IBMi
TLS_RSA_WITH_RC4_128_MD5            IBMi

TLS 1.2
Cipher Specification                Operating System
ECDHE_ECDSA_NULL_SHA256             Linux,Windows,Unix
ECDHE_ECDSA_RC4_128_SHA256          Linux,Windows,Unix
ECDHE_RSA_NULL_SHA256               Linux,Windows,Unix
ECDHE_RSA_RC4_128_SHA256            Linux,Windows,Unix
TLS_RSA_WITH_NULL_NULL              Linux,Windows,Unix
TLS_RSA_WITH_NULL_SHA256            All Platforms
TLS_RSA_WITH_RC4_128_SHA256         Linux,Windows,Unix

 

VII. Cipher Specifications Enabled By Default.

NOTE: These are the Cipher Specifications that are available (enabled) when configuring encrypted channel communications for the MQ product.

TLS 1.0
Cipher Specification                Operating System
TLS_RSA_WITH_AES_128_CBC_SHA        All Platforms
(AES_SHA_US on IBM I)

TLS 1.0
Cipher Specification                Operating System
TLS_RSA_WITH_AES_256_CBC_SHA        All Platforms
TLS_RSA_WITH_3DES_EDE_CBC_SHA       All Platforms

TLS 1.2
Cipher Specification                Operating System
ECDHE_ECDSA_AES_128_CBC_SHA256      Linux,Windows,Unix,zOS
ECDHE_ECDSA_AES_256_CBC_SHA384      Linux,Windows,Unix,zOS
ECDHE_ECDSA_AES_128_GCM_SHA256      Linux,Windows,Unix
ECDHE_ECDSA_AES_256_GCM_SHA384      Linux,Windows,Unix
ECDHE_ECDSA_3DES_EDE_CBC_SHA256     Linux,Windows,Unix
ECDHE_RSA_AES_128_CBC_SHA256        Linux,Windows,Unix,zOS
ECDHE_RSA_AES_256_CBC_SHA384        Linux,Windows,Unix,zOS
ECDHE_RSA_AES_128_GCM_SHA256        Linux,Windows,Unix
ECDHE_RSA_AES_256_GCM_SHA384        Linux,Windows,Unix
ECDHE_RSA_3DES_EDE_CBC_SHA256       Linux,Windows,Unix
TLS_RSA_WITH_AES_128_CBC_SHA256     All Platforms
TLS_RSA_WITH_AES_256_CBC_SHA256     All Platforms
TLS_RSA_WITH_AES_128_GCM_SHA256     Linux,Windows,Unix
TLS_RSA_WITH_AES_256_GCM_SHA384     Linux,Windows,Unix


IBM i support for TLS 1.2 CipherSpecs
IBM MQ for IBM i now supports the following CipherSpecs:

TLS_ECDHE_ECDSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

 

 

[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"","label":""},"Component":"","Platform":[{"code":"","label":""}],"Version":"","Edition":""}]

UID

ibm11081233