trying to set up Queue Connection factory on WAS 7 and 8.5.5 with SSL
MQ channel cipherspec is tls_rsa_with_aes_128_cbc_sha256.
but whenever I try specifying the respective suit on WAS as ssl_rsa_with_aes_128_cbc_sha256 , I get a MQSC_UNSUPPORTED_CIPHER_SUITE.
cipher tls_rsa_with_aes_128_cbc_sha works just fine .( not SHA256 )
I have tried enabling TLSv1.2 on WAS.
tried insataling unristricted jars as well.
what am I missing ?? looking forward to hear .. -AJ
WebSphere Application Server (WSAS) V7.0 ships the WebSphere MQ V7.0.1 JCA Resource Adapter (WMQ RA).
The V7.0.1 MQ RA does not support the TLS CipherSuite:
SSL_RSA_WITH_AES_128_CBC_SHA256
This is why your application is getting an exception with the MQ reason code, MQRC_UNSUPPORTED_CIPHER_SUITE, when using WSAS V7.0.
WSAS V8.5.5 on the other hand ships the WMQ V7.1 RA and support for the above CipherSuite was added in the V7.1.0.3 Fix Pack release. WSAS V8.5.5.2 ships the MQ V7.1.0.4 RA so this version of later should have the capability to use the SSL_RSA_WITH_AES_128_CBC_SHA256 Java CipherSuite.