Sidebar
0 votes
926 views
by michael-m-7621 (120 points)

Hi I am trying to connect QIE to an AWS FTP their spec is listed below: Are any of these supported by QIE?

Our upgraded server has some new security policies, and you need to validate that your SFTP client complies with them. The upgraded server will support only the following algorithms and ciphers as per the TransferSecurityPolicy-FIPS-2020-06 security policies listed here.

KEXs

  • diffie-hellman-group14-sha256
  • diffie-hellman-group16-sha512
  • diffie-hellman-group18-sha512
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp521
  • diffie-hellman-group-exchange-sha256
  • ecdh-sha2-nistp256

MACs

TLS Ciphers

  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

1 Answer

0 votes

Qvera Interface Engine can support the newer ciphers without any issues. You will need to update to Java 17 to use the newer ones though.

Once you upgrade your connection with those ciphers will work.

For the Java 17 upgrade, you will need to add the following to the startup tab in Qie Service Manager.

# These are needed for QIE to run
--add-opens=java.base/java.lang=ALL-UNNAMED
--add-opens=java.base/java.util=ALL-UNNAMED

 

by brandon-w-8204 (34.6k points)
edited by brandon-w-8204
by michael-m-7621 (120 points)
Where are these suppose to be added? --add-opens=java.base/java.lang=ALL-UNNAMED
--add-opens=java.base/java.util=ALL-UNNAMED

What is the current version of QIE?
by brandon-w-8204 (34.6k points)
I have added a screenshot
by michael-m-7621 (120 points)
What is the current version of QIE and should I update it before moving to Java 17 from Java 8? We are currently on version 5.0.50
by brandon-w-8204 (34.6k points)
Great question. You will need to get to .51 or higher. The current release is 23.2. I would suggest upgrading to the latest.
...