Earlier in Blog Post: Know your protocol I wrote about how IBM MQ V8 FixPack 2 had deprecated all the SSL 3.0 CipherSpecs and turned them off by default.
Now in FixPack 3 a further set of CipherSpecs has been deprecated so that, by default, attempts to use them will result in an error. The additional CipherSpecs deprecated in FixPack 3 are those which use no encryption; the RC algorithms (RC2 and RC4); and single DES.
UPDATE: Now with APAR IV90867, which is targeted for IBM MQ V8 FixPack 6, a further set of CipherSpecs have been deprecated. The additional CipherSpecs deprecated in FixPack 6 are those which use the Triple DES algorithm.
UPDATE: Now with V9.1, a further two CipherSpecs have been deprecated. The additional CipherSpecs deprecated in V9.1 are those which use the TLS 1.0 protocol.
Whatever version of MQ you are currently using, you should consider this as a strong hint to look at your use of any of these CipherSpecs and change to a stronger one where possible.
CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Added in | Deprecated in |
AES_SHA_US | SSL 3.0 | SHA-1 | AES | 128 | V5.3 | |
DES_SHA_EXPORT | SSL 3.0 | SHA-1 | DES | 56 | V5.3 | |
DES_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | DES | 56 | V5.3 | |
FIPS_WITH_DES_CBC_SHA | SSL 3.0 | SHA-1 | DES | 56 | V6 | |
FIPS_WITH_3DES_EDE_CBC_SHA | SSL 3.0 | SHA-1 | 3DES | 168 | V6 | |
NULL_MD5 | SSL 3.0 | MD5 | None | 0 | V5.3 | |
NULL_SHA | SSL 3.0 | SHA-1 | None | 0 | V5.3 | |
RC2_MD5_EXPORT | SSL 3.0 | MD5 | RC2 | 40 | V5.3 | |
RC4_MD5_EXPORT | SSL 3.0 | MD5 | RC4 | 40 | V5.3 | |
RC4_MD5_US | SSL 3.0 | MD5 | RC4 | 128 | V5.3 | |
RC4_SHA_US | SSL 3.0 | SHA-1 | RC4 | 128 | V5.3 | |
RC4_56_SHA_EXPORT1024 | SSL 3.0 | SHA-1 | RC4 | 56 | V5.3 | |
TRIPLE_DES_SHA_US | SSL 3.0 | SHA-1 | 3DES | 168 | V5.3 | |
TLS_RSA_EXPORT_WITH_RC2_40_MD5 | TLS 1.0 | MD5 | RC2 | 40 | ? | |
TLS_RSA_EXPORT_WITH_RC4_40_MD5 | TLS 1.0 | MD5 | RC4 | 40 | ? | |
TLS_RSA_WITH_DES_CBC_SHA | TLS 1.0 | SHA-1 | DES | 56 | V6 | |
TLS_RSA_WITH_NULL_MD5 | TLS 1.0 | MD5 | None | 0 | ? | |
TLS_RSA_WITH_NULL_SHA | TLS 1.0 | SHA-1 | None | 0 | ? | |
TLS_RSA_WITH_RC4_128_MD5 | TLS 1.0 | MD5 | RC4 | 128 | ? | |
ECDHE_ECDSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V7.1 | |
ECDHE_ECDSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V7.1 | |
ECDHE_RSA_NULL_SHA256 | TLS 1.2 | SHA-1 | None | 0 | V7.1 | |
ECDHE_RSA_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | V7.1 | |
TLS_RSA_WITH_NULL_NULL | TLS 1.2 | None | None | 0 | ? | |
TLS_RSA_WITH_NULL_SHA256 | TLS 1.2 | SHA-256 | None | 0 | V7.0.1 | |
TLS_RSA_WITH_RC4_128_SHA256 | TLS 1.2 | SHA-1 | RC4 | 128 | ? | |
TLS_RSA_WITH_3DES_EDE_CBC_SHA | TLS 1.0 | SHA-1 | 3DES | 168 | V6 | |
ECDHE_ECDSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V7.1 | |
ECDHE_RSA_3DES_EDE_CBC_SHA256 | TLS 1.2 | SHA-1 | 3DES | 168 | V7.1 | |
TLS_RSA_WITH_AES_128_CBC_SHA | TLS 1.0 | SHA-1 | AES | 128 | V6 | |
TLS_RSA_WITH_AES_256_CBC_SHA | TLS 1.0 | SHA-1 | AES | 256 | V6 |
As an alternate way of thinking about it, you should be choosing a CipherSpec from the 17 listed in the following table, or moving to use the ANY* Alias CipherSpecs.
Platform | CipherSpec Name | Protocol Used | Data Integrity | Encryption Algorithm | Encryption Bits | Suite B | Added in |
LUW | TLS_AES_128_GCM_SHA256 | TLS 1.3 | GCM | AES-128 with GCM | 128 | No | V9.1.4 |
LUW | TLS_AES_256_GCM_SHA384 | TLS 1.3 | GCM | AES-256 with GCM | 256 | No | V9.1.4 |
LUW | TLS_CHACHA20_POLY1305_SHA256 | TLS 1.3 | POLY1305 | CHACHA20 | 256 | No | V9.1.4 |
LUW | TLS_AES_128_CCM_SHA256 | TLS 1.3 | CBC-MAC | AES-128 with CTR | 128 | No | V9.1.4 |
LUW | TLS_AES_128_CCM_8_SHA256 | TLS 1.3 | CBC-MAC | AES-128 with CTR | 128 | No | V9.1.4 |
All | TLS_RSA_WITH_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7 |
All | TLS_RSA_WITH_AES_256_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 256 | No | V7 |
All | TLS_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
All | TLS_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |
All | ECDHE_ECDSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
All | ECDHE_ECDSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
LUW | ECDHE_ECDSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | 128 bit | V7.1 |
LUW | ECDHE_ECDSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | 192 bit | V7.1 |
All | ECDHE_RSA_AES_128_CBC_SHA256 | TLS 1.2 | SHA-256 | AES | 128 | No | V7.1 |
All | ECDHE_RSA_AES_256_CBC_SHA384 | TLS 1.2 | SHA-384 | AES | 256 | No | V7.1 |
All | ECDHE_RSA_AES_128_GCM_SHA256 | TLS 1.2 | AEAD AES-128 GCM | AES | 128 | No | V7.1 |
All | ECDHE_RSA_AES_256_GCM_SHA384 | TLS 1.2 | AEAD AES-128 GCM | AES | 256 | No | V7.1 |
The table in Knowledge Center: Specifying CipherSpecs only shows the supported CipherSpecs and there is a separate page for the list of Deprecated CipherSpecs.
Re-enabling the deprecated CipherSpecs
Be aware that if you have re-enabled SSL V3.0 CipherSpecs at IBM MQ V8 FixPack 2, and you upgrade to FixPack 3, you will have further re-enabling to do. It is not sufficient simply to re-enable the SSL V3.0 protocol as you did with FixPack 2; you also have to specify the weak CipherSpec you wish to allow use of.
If the CipherSpec you wish to re-enable is an SSL V3.0 CipherSpec, one step you will need to do is re-enable the protocol. As detailed in Know your protocol, this is done by editing the qm.ini file:-
SSL:
   AllowSSLV3=Y
or setting the AMQ_SSL_V3_ENABLE=1 environment variable.
Additionally, to re-enable the specific CipherSpec, you can edit the qm.ini file to provide the name of the CipherSpec you wish to allow to be used:-
SSL:
   AllowWeakCipherSpec=TRIPLE_DES_SHA_US
or set the AMQ_SSL_WEAK_CIPHER_ENABLE=TRIPLE_DES_SHA_US environment variable.
This setting can be a list of CipherSpecs, or ‘All’ to turn them all back on.
Without these settings, use of a weak CipherSpec at define-time will result in:-
AMQ8242: SSLCIPH definition wrong.
and at run-time will result in an error message thus:-
-------------------------------------------------------------------------------
20/07/2015 17:42:26 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)

AMQ9674: The channel 'QM1.TO.QM2.SSL01' specified a weak or broken CipherSpec.

EXPLANATION:
The SSL or TLS channel 'QM1.TO.QM2.SSL01' is configured to use a weak or broken CipherSpec 'TRIPLE_DES_SHA_US'. This error occurs when the channel has requested to use a CipherSpec that utilizes cryptographic algorithms or protocols that are now considered to be broken or weak. The channel did not start.

ACTION:
Ensure that the channel is configured to use a CipherSpec that uses a stronger set of cryptographic algorithms or a stronger protocol. Alternatively, configure the queue manager to re-enable the weaker CipherSpec 'TRIPLE_DES_SHA_US' using the AMQ_SSL_WEAK_CIPHER_ENABLE environment variable, or via the 'AllowWeakCipherSpec' attribute under the SSL stanza in the qm.ini file.
-------------------------------------------------------------------------------
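To find every channel that hit this error after an upgrade, the queue manager error log can be scanned for AMQ9674 records. The Python below is an added example, not code from the original post or from IBM; it assumes records are separated by dashed lines as in the entry above, the sample log text is constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

SEP = re.compile(r"^-{20,}\s*$", re.M)           # dashed line between records
HEAD = re.compile(r"^(.+?) - Process\(.*?QMgr\(([^)]*)\)")
# \w? tolerates a severity letter after the message id (assumption for newer logs)
WEAK = re.compile(r"AMQ9674\w?: The channel '([^']+)'.*?weak or broken CipherSpec '([^']+)'")

def weak_cipher_events(log_text):
    """Return (timestamp, qmgr, channel, cipherspec) for every AMQ9674 record."""
    events = []
    for record in SEP.split(log_text):
        flat = " ".join(record.split())          # undo the log's line wrapping
        head, hit = HEAD.search(flat), WEAK.search(flat)
        if head and hit:
            events.append((head.group(1), head.group(2), *hit.groups()))
    return events

def channels_to_fix(events):
    """Count refusals per (channel, CipherSpec), most frequent first."""
    return Counter((ch, spec) for _, _, ch, spec in events).most_common()

# Constructed records in the layout of the error log entry shown above.
SAMPLE = """\
-------------------------------------------------------------------------------
20/07/2015 17:42:26 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)
AMQ9674: The channel 'QM1.TO.QM2.SSL01' specified a weak or broken CipherSpec.
EXPLANATION:
The SSL or TLS channel 'QM1.TO.QM2.SSL01' is configured to use a weak or broken
CipherSpec 'TRIPLE_DES_SHA_US'. The channel did not start.
-------------------------------------------------------------------------------
20/07/2015 17:43:02 - Process(6040.1) User(MUSR_MQADMIN3) Program(runmqchl.exe)
                      Host(GEM45) Installation(800FP3)
                      VRMF(8.0.0.3) QMgr(QM1)
AMQ9002: Channel 'QM1.TO.QM3' is starting.
-------------------------------------------------------------------------------
"""

if __name__ == "__main__":
    for (channel, spec), n in channels_to_fix(weak_cipher_events(SAMPLE)):
        print(f"{channel}: {spec} refused {n} time(s)")
```

Each record is flattened before matching because the log wraps long lines, so the CipherSpec name can sit on a different line from the words that introduce it.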
Hopefully you won’t ever need to re-enable these old, weak CipherSpecs, but there’s always the chance that you have a channel that talks to an old version queue manager, and you’ll need one of these weaker CipherSpecs for that purpose. At least with this new re-enablement method you’ll only be allowing the one you need to be used, instead of opening them all up.
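The following Python is an added example, not code from the original post or from IBM. It reads the output of runmqsc's DISPLAY CHANNEL(*) SSLCIPH and the SSL stanza of qm.ini, then reports which channels use a deprecated CipherSpec, which of those the current settings would still refuse, and the narrowest AllowWeakCipherSpec list that covers them. It assumes every CipherSpec in the deprecated table is re-enabled the way this post describes (named in AllowWeakCipherSpec, plus AllowSSLV3=Y for the SSL 3.0 ones); the function names are hypothetical.

```python
import re

# Deprecated names from the first table above: SSL 3.0 rows, then the rest.
SSL3 = set("""AES_SHA_US DES_SHA_EXPORT DES_SHA_EXPORT1024 FIPS_WITH_DES_CBC_SHA
FIPS_WITH_3DES_EDE_CBC_SHA NULL_MD5 NULL_SHA RC2_MD5_EXPORT RC4_MD5_EXPORT
RC4_MD5_US RC4_SHA_US RC4_56_SHA_EXPORT1024 TRIPLE_DES_SHA_US""".split())
OTHER = set("""TLS_RSA_EXPORT_WITH_RC2_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_RC4_128_MD5 ECDHE_ECDSA_NULL_SHA256 ECDHE_ECDSA_RC4_128_SHA256
ECDHE_RSA_NULL_SHA256 ECDHE_RSA_RC4_128_SHA256 TLS_RSA_WITH_NULL_NULL
TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_RC4_128_SHA256
TLS_RSA_WITH_3DES_EDE_CBC_SHA ECDHE_ECDSA_3DES_EDE_CBC_SHA256
ECDHE_RSA_3DES_EDE_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA""".split())

def parse_channels(runmqsc_out):
    """Channel name -> SSLCIPH, from DISPLAY CHANNEL(*) SSLCIPH output."""
    chans = {}
    for block in runmqsc_out.split("AMQ8414")[1:]:   # one block per channel
        name = re.search(r"CHANNEL\(([^)]+)\)", block)
        ciph = re.search(r"SSLCIPH\(([^)]*)\)", block)
        if name and ciph and ciph.group(1).strip():  # skip channels without TLS
            chans[name.group(1)] = ciph.group(1).strip()
    return chans

def parse_ssl_stanza(qm_ini):
    """Attributes of the SSL: stanza of a qm.ini, as a dict."""
    attrs, stanza = {}, None
    for line in map(str.strip, qm_ini.splitlines()):
        if not line or line[0] in "#;":              # blank or comment line
            continue
        if "=" not in line and line.endswith(":"):
            stanza = line[:-1]
        elif stanza == "SSL" and "=" in line:
            key, val = line.split("=", 1)
            attrs[key.strip()] = val.strip()
    return attrs

def audit(chans, ssl):
    """Assumes the re-enable rules described in this post; ignores env vars."""
    weak = {c: s for c, s in chans.items() if s in SSL3 | OTHER}
    allow = {s.strip() for s in ssl.get("AllowWeakCipherSpec", "").split(",")} - {""}
    v3 = ssl.get("AllowSSLV3", "").upper() == "Y"
    ok = lambda s: (s in allow or "All" in allow) and (v3 or s not in SSL3)
    needed = set(weak.values())
    return {"weak": weak,
            "refused": sorted(c for c, s in weak.items() if not ok(s)),
            "minimal_allow": ",".join(sorted(needed)),
            "needs_sslv3": bool(needed & SSL3),
            "overbroad": sorted(allow - needed)}
```

Call `audit(parse_channels(output), parse_ssl_stanza(ini_text))`; anything in `overbroad`, including `All`, is re-enabled without any channel needing it.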
IBM resources on the same subject:-
- CipherSpec values supported in IBM MQ
- Deprecation: weaker cryptographic algorithms
- Specifying CipherSpecs
- SSL and TLS Cipher Specification Deprecations for the MQ Product
Morag Hughson is a Certified IBM MQ Specialist
IBM Certified System Administrator – MQ V8.0
Does this mean that only one weak cipher spec can be re-enabled per QM?
Hi Peter,
Not at all, you can have a comma separated list of the ones you want to re-enable or just use the word ‘All’ to re-enable all of them.
Cheers
Morag