IBM Support

ECuRep encryption information

General Page

The ECuRep servers support different encryption options. This page lists the current encryption settings plus planned changes. 

TLS Server certificates are replaced without any notice unless intermediate  or root certificate changes.

For further information also read the encryption help page.

Detailed information for server using  HTTPS protocol:

Server Port
Root certificate
Protocol
Cipher suites (openssl denotation)
Testcase.boulder.ibm.com
(170.225.15.31)
443
DigiCert Global Root CA
TLSv1.2
TLSv1.1
TLSv1.0
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
www.ap.ecurep.ibm.com
(169.56.38.170)
443
DigiCert Global Root G2
TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
AES256-GCM-SHA384
AES256-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
AES128-GCM-SHA256
AES128-SHA256
www.secure.ecurep.ibm.com
(192.109.81.21)
443
DigiCert Global Root G2
TLSv1.3
TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
AES256-GCM-SHA384
AES256-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
AES128-GCM-SHA256
AES128-SHA256

Detailed information for server using  FTP over TLS protocol:

Server Port
Root certificate
Protocol
Cipher suites (openssl denotation)
ftps.ecurep.ibm.com
(192.109.81.10)
21
65024 - 65535
DigiCert Global Root G2
TLSv1.3
TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256
AES128-GCM-SHA256
AES128-SHA256
ftps.ap.ecurep.ibm.com
(169.56.38.162, 169.56.38.163)
21
65024 - 65535
DigiCert Global Root G2
TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256
AES128-GCM-SHA256
AES128-SHA256
Testcase.boulder.ibm.com
(170.225.15.31)
21
65024 - 65535
DigiCert Global Root CA
TLSv1.2
TLSv1.1
TLSv1.0
AES_256_GCM_SHA384
AES_256_CBC_SHA256
AES_256_CBC_SHA
AES_128_GCM_SHA256
AES_128_CBC_SHA256 AES_128_CBC_SHA

Detailed information for server using Secure Shell (SSH) version 2 protocol:

Server Port Key exchange
Encryption
sftp.ecurep.ibm.com
(192.109.81.25)
22
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
aes256-ctr
aes192-ctr
aes128-ctr
sftp.ap.ecurep.ibm.com
(169.56.38.162, 169.56.38.163)
22
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
aes256-ctr
aes192-ctr
aes128-ctr
Testcase.boulder.ibm.com
(170.225.15.31)
22
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha1
aes256-ctr
aes192-ctr
aes128-ctr

SFTP Server host keys:

Server
Key type
Key length Server key fingerprint (sha256)
sftp.ecurep.ibm.com
(192.109.81.25)
RSA 2048
NmQSXbHir/W7ymYmJ9/5Noz0/VNiX3WZscvs9O/vNE8
(last key update: April 8, 2021)
sftp.ap.ecurep.ibm.com
(169.56.38.162, 169.56.38.163)
RSA 2048
+ZrSlci5Q9NdTxg6HuspV397fdJPPRED/pGk58NGhOQ
(last key update: Feb 25, 2021)
Testcase.boulder.ibm.com
(170.225.15.31)
RSA 2048
hsPI1gW5845xXusI7b1qugRNsizTkez40iv+lKcUN84
 
Details information for email server:
 
Server Port
Root certificate
Protocol
Cipher suites (openssl denotation)
mail.mainz.ibm.com
(192.109.81.15)
25
DigiCert Global Root CA
TLSv1.3
TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
AES256-GCM-SHA384 AES128-GCM-SHA256


Related links

[{"Business Unit":{"code":"BU051","label":"N\/A"},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB33","label":"N\/A"}}]

Document Information

Modified date:
08 April 2021

UID

ibm16257487