The set of SSL protocol cipher specifications to be allowed for the secure session can be set. You should not include any that you do not want to allow. Order is important. System SSL selects ciphers according to the server’s order of usage preference. The first cipher in the server’s list that is also in the client’s list is selected. Other implementations might work differently.
AT-TLS does not pass any cipher suites to System SSL by default. For the list of cipher suites supported and the default order used if none is specified, see z/OS Cryptographic Services System SSL Programming.
If the CSFSERV class is defined, the user ID that is associated with the AT-TLS application must have READ access to the following resources in that class:
For more information about elliptic curve cryptography support, see z/OS Cryptographic Services System SSL Programming.