3.4.1 Technical Specifications
Following are the technical specifications required for SSL/TLS support:
- Default protocol supported: TLS 1.2
- Ciphers supported:
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- Keyring/Certificate details: Certificates on Mainframe are configured in RACF.
- Certificates can be created by user/system admin based on the access level
- User should have all the CONTROL access for these keyring and certificates
- For more information related to access and certificates, refer RACF Callable services document RACF Callable services
Parent topic: Security Enforcement: SSL/TLS Support