List Ciphers used by JVM

June 2, 2023 Roger Lacroix

On StackOverflow, someone was having an issue with a particular CipherSuite. So, I posted a sample Java code that I found a while ago to list the ciphers used by a JVM.

I found the Java code on Atlassian Support’s page here.

The purpose of the code sample is to allow the user to determine if the CipherSuite they are using is actually supported by the JVM.

I updated the code to include the JVM version and vendor name. Here is the updated code:

import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLServerSocketFactory;

public class Ciphers
{
    public static void main(String[] args)
        throws Exception
    {
        System.out.println("Running under Java " + System.getProperty("java.version")
                            + " from " + System.getProperty("java.vendor"));
        SSLServerSocketFactory ssf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();

        String[] defaultCiphers = ssf.getDefaultCipherSuites();
        String[] availableCiphers = ssf.getSupportedCipherSuites();

        TreeMap<String, Boolean> ciphers = new TreeMap<String, Boolean>();

        for(int i=0; i<availableCiphers.length; ++i )
            ciphers.put(availableCiphers[i], Boolean.FALSE);

        for(int i=0; i<defaultCiphers.length; ++i )
            ciphers.put(defaultCiphers[i], Boolean.TRUE);

        System.out.println("Default\tCipher");
        for(Iterator i = ciphers.entrySet().iterator(); i.hasNext(); ) {
            Map.Entry cipher=(Map.Entry)i.next();

            if(Boolean.TRUE.equals(cipher.getValue()))
                System.out.print('*');
            else
                System.out.print(' ');

            System.out.print('\t');
            System.out.println(cipher.getKey());
        }
    }
}

Here is the output from running it against IBM v1.8 JVM:

Running under Java 1.8.0_341 from IBM Corporation
Default	Cipher
*	SSL_DHE_DSS_WITH_AES_128_CBC_SHA
*	SSL_DHE_DSS_WITH_AES_128_CBC_SHA256
*	SSL_DHE_DSS_WITH_AES_128_GCM_SHA256
*	SSL_DHE_DSS_WITH_AES_256_CBC_SHA
*	SSL_DHE_DSS_WITH_AES_256_CBC_SHA256
*	SSL_DHE_DSS_WITH_AES_256_GCM_SHA384
*	SSL_DHE_RSA_WITH_AES_128_CBC_SHA
*	SSL_DHE_RSA_WITH_AES_128_CBC_SHA256
*	SSL_DHE_RSA_WITH_AES_128_GCM_SHA256
*	SSL_DHE_RSA_WITH_AES_256_CBC_SHA
*	SSL_DHE_RSA_WITH_AES_256_CBC_SHA256
*	SSL_DHE_RSA_WITH_AES_256_GCM_SHA384
*	SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
*	SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
*	SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
*	SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
*	SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
*	SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
*	SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA
*	SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*	SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*	SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA
*	SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384
*	SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384
*	SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA
*	SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
*	SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
*	SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA
*	SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
*	SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
*	SSL_ECDH_RSA_WITH_AES_128_CBC_SHA
*	SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256
*	SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256
*	SSL_ECDH_RSA_WITH_AES_256_CBC_SHA
*	SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384
*	SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384
*	SSL_RSA_WITH_AES_128_CBC_SHA
*	SSL_RSA_WITH_AES_128_CBC_SHA256
*	SSL_RSA_WITH_AES_128_GCM_SHA256
*	SSL_RSA_WITH_AES_256_CBC_SHA
*	SSL_RSA_WITH_AES_256_CBC_SHA256
*	SSL_RSA_WITH_AES_256_GCM_SHA384
*	TLS_AES_128_GCM_SHA256
*	TLS_AES_256_GCM_SHA384
*	TLS_CHACHA20_POLY1305_SHA256
 	TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
*	TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Here is the output from running it against Oracle v17 JVM:

Running under Java 17.0.7 from Oracle Corporation
Default	Cipher
*	TLS_AES_128_GCM_SHA256
*	TLS_AES_256_GCM_SHA384
*	TLS_CHACHA20_POLY1305_SHA256
*	TLS_DHE_DSS_WITH_AES_128_CBC_SHA
*	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
*	TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
*	TLS_DHE_DSS_WITH_AES_256_CBC_SHA
*	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
*	TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
*	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
*	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
*	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
*	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
*	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
*	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
*	TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
*	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
*	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
*	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
*	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
*	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
*	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
*	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
*	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
*	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
*	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
*	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
*	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
*	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
*	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
*	TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
*	TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
*	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
*	TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
*	TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
*	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
*	TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
*	TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
*	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
*	TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
*	TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
*	TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*	TLS_RSA_WITH_AES_128_CBC_SHA
*	TLS_RSA_WITH_AES_128_CBC_SHA256
*	TLS_RSA_WITH_AES_128_GCM_SHA256
*	TLS_RSA_WITH_AES_256_CBC_SHA
*	TLS_RSA_WITH_AES_256_CBC_SHA256
*	TLS_RSA_WITH_AES_256_GCM_SHA384

Regards,
Roger Lacroix
Capitalware Inc.

Education, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Java, Linux, macOS (Mac OS X), Programming, Security, Unix, Windows Comments Off on List Ciphers used by JVM

IBM MQ v9.1.0.15 Fix Pack Released

May 10, 2023 Roger Lacroix

IBM has just released IBM MQ v9.1.0.15 Fix Pack:
https://www.ibm.com/support/pages/node/6989409

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM i (OS/400), IBM MQ, Linux, Unix, Windows Comments Off on IBM MQ v9.1.0.15 Fix Pack Released

IBM MQ v9.3.2.1 Continuous Delivery CSU Released

April 28, 2023 Roger Lacroix

IBM has just released IBM MQ v9.3.2.1 Continuous Delivery CSU:
https://www.ibm.com/support/pages/downloading-ibm-mq-9321-continuous-delivery-csu

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM MQ, IBM MQ Appliance, Linux, Unix, Windows Comments Off on IBM MQ v9.3.2.1 Continuous Delivery CSU Released

IBM MQ v9.3.0.5 Fix Pack Released

April 28, 2023 Roger Lacroix

IBM has just released IBM MQ v9.3.0.5 Fix Pack:
https://www.ibm.com/support/pages/downloading-ibm-mq-9305-fix-pack

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Unix, Windows Comments Off on IBM MQ v9.3.0.5 Fix Pack Released

IBM MQ v9.2.0.11 LTS CSU Released

April 28, 2023 Roger Lacroix

IBM has just released IBM MQ v9.2.0.11 LTS CSU:
https://www.ibm.com/support/pages/downloading-ibm-mq-92011-lts-csu

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Unix, Windows Comments Off on IBM MQ v9.2.0.11 LTS CSU Released

IBM MQ v9.0.0.17 LTS CSU Released

April 28, 2023 Roger Lacroix

IBM has just released IBM MQ v9.0.0.17 LTS CSU:
https://www.ibm.com/support/pages/downloading-ibm-mq-90017-lts-csu

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Unix, Windows Comments Off on IBM MQ v9.0.0.17 LTS CSU Released

OpenBSD v7.3 Released

April 11, 2023 Roger Lacroix

Theo de Raadt has just released OpenBSD v7.3.
https://www.openbsd.org/73.html

The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography.

Regards,
Roger Lacroix
Capitalware Inc.

Open Source, Operating Systems Comments Off on OpenBSD v7.3 Released

Disabling IPV6 in IBM MQ

April 5, 2023 Roger Lacroix

Angel Rivera of IBM posted a document on how to disable IPV6 in IBM MQ.
https://www.ibm.com/support/pages/node/6980507?myns=swgws&mynp=OCSSYHRD&mync=E&cm_sp=swgws-_-OCSSYHRD-_-E

The document states that: “The default behavior with IBM MQ is to try to use IPV6 calls (Internet Protocol Version 6), and if there are timeouts, then the IPV4 calls will be tried next.”

I did not know this and it is important because in a busy MQ environment, waiting on a timeout can be very costly.

i.e. For Unix & Linux use:

export AMQ_NO_IPV6=TRUE

On Windows, simply set it in the System Environment Variables panel.
System Environment Variables

Regards,
Roger Lacroix
Capitalware Inc.

Education, HPE NonStop, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Linux, Unix, Windows Comments Off on Disabling IPV6 in IBM MQ

IBM MQ Download Links

March 6, 2023 Roger Lacroix

If you are a developer and need a download link to something related to IBM MQ, sometimes it’s a real pain to find the link/page you need. So, I decided to create a blog posting with many of the useful IBM MQ links in 1 spot.

Regards,
Roger Lacroix
Capitalware Inc.

IBM MQ, Linux, macOS (Mac OS X), Raspberry Pi, Unix, Windows Comments Off on IBM MQ Download Links

IBM MQ 9.2.0.10 Fix Pack Released

March 2, 2023 Roger Lacroix

IBM has just released IBM MQ 9.2.0.10 Fix Pack:
https://www.ibm.com/support/pages/downloading-ibm-mq-92010-fix-pack

Regards,
Roger Lacroix
Capitalware Inc.

Fix Packs for MQ, IBM i (OS/400), IBM MQ, IBM MQ Appliance, Linux, Unix, Windows Comments Off on IBM MQ 9.2.0.10 Fix Pack Released