1. Mainframe Adapter for TCP IMS User's Guide
  2. Configuring Oracle Tuxedo Mainframe Adapter for TCP Security
  3. Security Enforcement: SSL/TLS Support
  4. Technical Specifications

3.4.1 Technical Specifications

Following are the technical specifications required for SSL/TLS support:
  1. Default protocol supported: TLS 1.2
  2. Ciphers supported:
    • TLS_RSA_WITH_AES_256_CBC_SHA256
    • TLS_RSA_WITH_AES_256_GCM_SHA384
    • TLS_RSA_WITH_AES_128_CBC_SHA256
    • TLS_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  3. Keyring/Certificate details: Certificates on Mainframe are configured in RACF.
    • Certificates can be created by user/system admin based on the access level
    • User should have all the CONTROL access for these keyring and certificates
    • For more information related to access and certificates, refer RACF Callable services document RACF Callable services

Parent topic: Security Enforcement: SSL/TLS Support