MQ

 View Only

 Issue with CipherSpec using .Net 8

Frederic O's profile image
Frederic O posted Tue May 20, 2025 12:40 PM

Hi all, 

We are migrating a working code from .net 4.7 to .net 8 ; this code connect to many different provider using the MQ client . 

We were able to connect successfully by downgrading the CipherSpec on the server ; it's ok for testing but it's not allowed for Production : 

The channel is configured to use : ECDHE_RSA_AES_256_GCM_SHA384 for provider 1 and TLS_RSA_WITH_AES_128_CBC_SHA256 for provider 2 ; 

For both provider it's not working and we receive a 2059 error ; 

It seems that the cipher that we specified is not applied by the library : here is the error message received from provider 1 :

The CipherSpec required in the local channel definition is 'ECDHE_RSA_AES_256_GCM_SHA384'. The name of the CipherSpec  negotiated during the SSL handshake is 'TLS_RSA_WITH_AES_256_GCM_SHA384'.

We found this mapping table ; but if we use the ".net cipher name" it has no effect. 

CipherSpec mappings for the managed .NET client - IBM Documentation

This code will run later in a linux container ; how can we solve this ? also depending on the provider that we are targeting?

Thanks for your help;