IBM MQ v9.2 Deprecated Cipher Specs
Last Updated: 2022-08-31
A list of deprecated CipherSpecs that you are able to use with IBM® MQ if necessary.
For information about enabling deprecated CipherSpecs, see Enabling deprecated CipherSpecs on IBM MQ for Multiplatforms or Enabling deprecated CipherSpecs on z/OS.
Deprecated CipherSpecs that you can use with IBM MQ TLS support are listed in the following table.
|
Platform support 1
|
CipherSpec name
|
Hex code
|
Protocol used
|
Data integrity
|
Encryption algorithm
|
Encryption bits
|
FIPS 2
|
Suite B
|
Update when deprecated
|
|---|---|---|---|---|---|---|---|---|---|
| CipherSpecs for SSL 3.0 | |||||||||
|
|
AES_SHA_US 3 |
002F | SSL 3.0 | SHA-1 | AES | 128 | No | No | 9.0.0.0 |
| All | DES_SHA_EXPORT 3 4 5 |
0009 | SSL 3.0 | SHA-1 | DES | 56 | No | No | 9.0.0.0 |
|
|
DES_SHA_EXPORT1024 3 6 |
0062 | SSL 3.0 | SHA-1 | DES | 56 | No | No | 9.0.0.0 |
|
|
FIPS_WITH_DES_CBC_SHA 3 |
FEFE | SSL 3.0 | SHA-1 | DES | 56 | No7 | No | 9.0.0.0 |
|
|
FIPS_WITH_3DES_EDE_CBC_SHA 3 |
FEFF | SSL 3.0 | SHA-1 | 3DES | 168 | No8 | No | 9.0.0.1 and 9.0.1 |
| All | NULL_MD5 3 |
0001 | SSL 3.0 | MD5 | None | 0 | No | No | 9.0.0.1 |
| All | NULL_SHA 3 |
0002 | SSL 3.0 | SHA-1 | None | 0 | No | No | 9.0.0.1 |
| All | RC2_MD5_EXPORT 3 4 5 |
0006 | SSL 3.0 | MD5 | RC2 | 40 | No | No | 9.0.0.0 |
| All | RC4_MD5_EXPORT 4 3 |
0003 | SSL 3.0 | MD5 | RC4 | 40 | No | No | 9.0.0.0 |
| All | RC4_MD5_US 3 |
0004 | SSL 3.0 | MD5 | RC4 | 128 | No | No | 9.0.0.0 |
| All | RC4_SHA_US 3 5 |
0005 | SSL 3.0 | SHA-1 | RC4 | 128 | No | No | 9.0.0.0 |
|
|
RC4_56_SHA_EXPORT1024 3 6 |
0064 | SSL 3.0 | SHA-1 | RC4 | 56 | No | No | 9.0.0.0 |
| All | TRIPLE_DES_SHA_US 3 5 |
000A | SSL 3.0 | SHA-1 | 3DES | 168 | No | No | 9.0.0.1 and 9.0.1 |
| CipherSpecs for TLS 1.0 | |||||||||
|
|
TLS_RSA_EXPORT_WITH_RC2_40_MD5 3 |
0006 | TLS 1.0 | MD5 | RC2 | 40 | No | No | 9.0.0.0 |
|
|
TLS_RSA_EXPORT_WITH_RC4_40_MD53 4 |
0003 | TLS 1.0 | MD5 | RC4 | 40 | No | No | 9.0.0.0 |
| All | TLS_RSA_WITH_DES_CBC_SHA 3 |
0009 | TLS 1.0 | SHA-1 | DES | 56 | No9 | No | 9.0.0.0 |
|
|
TLS_RSA_WITH_NULL_MD5 3 |
0001 | TLS 1.0 | MD5 | None | 0 | No | No | 9.0.0.1 |
|
|
TLS_RSA_WITH_NULL_SHA 3 |
0002 | TLS 1.0 | SHA-1 | None | 0 | No | No | 9.0.0.1 |
|
|
TLS_RSA_WITH_RC4_128_MD5 3 |
0004 | TLS 1.0 | MD5 | RC4 | 128 | No | No | 9.0.0.0 |
|
|
TLS_RSA_WITH_AES_128_CBC_SHA 10 |
002F | TLS 1.0 | SHA-1 | AES | 128 | Yes | No | 9.0.5 |
|
|
TLS_RSA_WITH_AES_256_CBC_SHA 6 10 |
0035 | TLS 1.0 | SHA-1 | AES | 256 | Yes | No | 9.0.5 |
| All | TLS_RSA_WITH_3DES_EDE_CBC_SHA |
000A | TLS 1.0 | SHA-1 | 3DES | 168 | Yes | No | 9.0.0.1 and 9.0.1 |
| CipherSpecs for TLS 1.2 | |||||||||
|
|
ECDHE_ECDSA_NULL_SHA256 3 |
C006 | TLS 1.2 | SHA-1 | None | 0 | No | No | 9.0.0.1 |
|
|
ECDHE_ECDSA_RC4_128_SHA256 3 |
C007 | TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 9.0.0.0 |
|
|
ECDHE_RSA_NULL_SHA256 3 |
C010 | TLS 1.2 | SHA-1 | None | 0 | No | No | 9.0.0.1 |
|
|
ECDHE_RSA_RC4_128_SHA256 3 |
C011 | TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 9.0.0.0 |
|
|
TLS_RSA_WITH_NULL_NULL 3 |
0000 | TLS 1.2 | None | None | 0 | No | No | 9.0.0.1 |
| All | TLS_RSA_WITH_NULL_SHA256 3 |
003B | TLS 1.2 | SHA-256 | None | 0 | No | No | 9.0.0.1 |
|
|
TLS_RSA_WITH_RC4_128_SHA256 3 |
0005 | TLS 1.2 | SHA-1 | RC4 | 128 | No | No | 9.0.0.0 |
|
|
ECDHE_ECDSA_3DES_EDE_CBC_SHA256 |
C0008 | TLS 1.2 | SHA-1 | 3DES | 168 | Yes | No | 9.0.0.1 and 9.0.1 |
|
|
ECDHE_RSA_3DES_EDE_CBC_SHA256 |
C012 | TLS 1.2 | SHA-1 | 3DES | 168 | Yes | No | 9.0.0.1 and 9.0.1 |
![[IBM i]](https://www.ibm.com/docs/en/SSFKSJ_9.2.0/com.ibm.mq.sec.doc/ngibmi.gif)
![[AIX, Linux, Windows]](https://www.ibm.com/docs/en/SSFKSJ_9.2.0/com.ibm.mq.sec.doc/ngalw.gif)
![[z/OS]](https://www.ibm.com/docs/en/SSFKSJ_9.2.0/com.ibm.mq.sec.doc/ngzos.gif)
