cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MQ Queue Channel Monitor - SHA256 Support

matt_lewis
Dynatrace Advisor
Dynatrace Advisor

Hey Community, @Asad A., @Eugene T., @Shaun G., @Christian A.,

We are using the MQ Queue Channel Monitor plugin, and would like to enable SSL for the obvious security benefits provided. The issue is that our MQ uses SHA256 (TLS_RSA_WITH_AES_128_CBC_SHA256), whereas the closest SSL options in the plugin are:

-> TLS_RSA_WITH_AES_128_CBC_SHA
-> TLS_RSA_WITH_AES_256_CBC_SHA

ssl-options.png

I thought we might be ok to just use the first, but that results in mismatched SSL according to MQ.

Is there any support for SHA256, or is this something that can relatively easily get added to this plugin?

Thanks,

-Matt

1 REPLY 1

matt_lewis
Dynatrace Advisor
Dynatrace Advisor

I can see from the Plugin release history:

2017-07-10 Plugin version 0.9.1.25 (christian.abele@dynatrace.com)
Enabled Cipher Suite TLS_RSA_WITH_AES_256_CBC_SHA256 for Oracle and IBM mapping.
To use the stronger cipher suite, the “Unlimited Strength Jurisdiction Policy” must be installed in your JVM.

I was wondering if AES_128 is easy enough to add to this, or would it require significant effort?