How to add a CipherSpec in WebSphere MQ components

Components such as tMomConnection, tMomInput, and tMomOutput only have a CipherSpec of TLS1.0. By default, JDK 1.8 supports TLS1.2, so you can add ciphers like TLS_RSA_WITH_AES_256_CBC_SHA256 to these components.

 

To add TLS1.2 ciphers:

  1. Shut down Studio.
  2. Navigate to Studio_Installed_dir\studio\plugins\org.talend.designer.components.localprovider_6.1.1.20170623_1246\components\tMomConnection. You will find a list of files associated with the tMomConnection component.
  3. Open the tMomConnection_java.xml file and search for the NAME="MQ_SSL_CIPHER" parameter.
  4. Add the following configuration between the <ITEMS DEFAULT="NULL_MD5"> and <ITEM> tags.
    <ITEM NAME="TLS_RSA_WITH_AES_256_CBC_SHA256" VALUE="SSL_RSA_WITH_AES_256_CBC_SHA256" />

     

    Screenshot (27).png

     

  5. In the same directory, locate the tMomConnection_messages.properties file.
  6. Open the file and search for the keyword MQ_SSL_CIPHER.NAME. Locate the parameter your TLS version should follow in the Set_ciphersec drop-down list.
  7. Add a new line, and paste in the following configuration:
    MQ_SSL_CIPHER.ITEM.TLS_RSA_WITH_AES_256_CBC_SHA256=TLS_RSA_WITH_AES_256_CBC_SHA256 

     

    Screenshot (26).png

     

  8. Save the files, tMomConnection_messages.properties and tMomConnection_java.xml, then relaunch Studio, after which you will be able to find the configuration in the drop-down list.

     

    Screenshot (30).png

     

  9. Once you successfully add a TLS1.2-supported CipherSpec, make sure to use the respective libraries in the component.
Version history
Revision #:
15 of 15
Last update:
‎06-26-2018 01:22 PM
Updated by: