TLS cypher suites with CA LDAP Server not being picked from slapd.conf file
Article ID: 253252
Updated On:
Products
LDAP SERVER FOR Z/OS
Issue/Introduction
There is a parameter in ldap parameter file (slapd.conf named TLSSipherSuite.
When newer cypher suites were added, they were ingored.
What is needed to allow suites to be added?
Environment
Release : 15.1
Resolution
To be able to add the latest cipher suites maintenance is required.
TLSCipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:TLS_DH_DSS_WITH_AES_256_CBC_SHA256:TLS_DH_RSA_WITH_AES_256_CBC_SHA256
The following PTFS and prereqs ware required to resolve the problem.
SO11651
SO07162
SO11230
SO11609
SO16322
SO16190
SO10105
SO06974
Feedback
Yes
No
Powered by
