Can i specify the allowed Cipher Suites on an inbound listener in Qvera Interface Engine.

0 votes
asked Dec 16, 2021 by brandon-w-8204 (29,870 points)
I need to specify what Cipher Suites are valid for one port in QIE. Is this possible and how can I do this.

1 Answer

+1 vote

In Qvera Interface Engines .50 and higher just can specify this on the source node.

1. Check the Override cipher suites for this connection
2. In the box enter the cipher suites you want to allow in a comma separated list example: TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

If you are on .49 or lower you can add the following Java option to the startup arguments in the qie service manager.

qie.includeCipherSuites.{port} - This option will clear the list of accepted Cipher Suites used for a TLS handshake and use on the specified suite.  (Example: qie.includeCipherSuites.14430= TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

answered Dec 16, 2021 by brandon-w-8204 (29,870 points)