Question for Connecting to IBM MQ using TLS13 #34100
Description
We use Open Liberty 25.0.0.9 witj Jakarta EE and IBM MQ JCA Ressource adapter version 9.3.0.3.
The resource connector ist loaded using
<resourceAdapter id="mqjms" location="${mqJmsClient.jakarta.rar.location.9.3.0.3}"> <properties.mqjms reconnectionRetryCount="480" reconnectionRetryInterval="60000"/> </resourceAdapter>
A message driven bean is connected to a queue using the following code snipet
<jmsActivationSpec id="..." authDataRef="..."> <properties.mqjms destinationType="jakarta.jms.Queue" channel="..." hostName="..." port="..." queueManager="..." destinationRef="..." sslCipherSuite="TLS_RSA_WITH_AES_256_CBC_SHA256" maxPoolDepth="1"/> </jmsActivationSpec>
Everything works fine so far.
Now we have created a new MQ Channel "TLS13CHANNEL" in the MQ Server. This channel uses a configuration of "TLS13_OR_HIGHER" in it's SSL setting.
My question: Which value do I have to use in the Element instead of "TLS_RSA_WITH_AES_256_CBC_SHA256"? I would prefer not to specify any cipher and let the underlying TLS layer select one but that seems not to work. If I specify a valid TLS13 cipher like "TLS_AES_128_GCM_SHA256" no error occurs but as I mentioed I would prefer not to specify any concrete cipher. Is that possible? If yes, how?
Best regards
Ulrich