Security system values: Secure Sockets Layer cipher control
The Secure Sockets Layer cipher control system value is also known as QSSLCSLCTL. You can use this system value to specify whether the system or a user controls the Secure Sockets Layer cipher specification list (QSSLCSL) system value.
| Quick reference | |
|---|---|
| Location | From IBM® Navigator for i, select . Click on Security and click Properties, then select theSystem SSL tab. |
| Special authority | Input/output (I/O) system configuration (*IOSYSCFG), all object (*ALLOBJ), and security administrator (*SECADM). |
| Default value | Use system-defined. |
| Changes take effect | Immediately for all subsequent System SSL sessions. |
| Lockable | Yes. |
What can I do with this system value?
You have the following options:
- Use system-defined (*OPSYS)
- The Secure Sockets Layer cipher specification list (QSSLCSL) system value is read-only. Its values are automatically modified to contain the list of cipher suites supported by the System SSL. If you use this option, the QSSLCSL system value is automatically updated with new cipher suite capabilities when you install or upgrade to a future release of the operating system.
- Use user-defined (*USRDFN)
- The QSSLCSL system value is editable. If you use this option, additional cipher suite capabilities are not added automatically when you move to a future release of the operating system. You have to determine if any new cipher suites are available and manually add the new cipher suites to the QSSLCSL system value if you want the System SSL to support them.
Note: This system value is not supported on systems
running IBM i V5R4,
or earlier.