• United States
IBM?
  • Site map
IBM?
  • Marketplace

  • Close
    Search
  • Sign in
    • Sign in
    • Register
  • IBM Navigation
IBM Developer Answers
  • Spaces
    • Blockchain
    • IBM Cloud platform
    • Internet of Things
    • Predictive Analytics
    • Watson
    • See all spaces
  • Tags
  • Users
  • Badges
  • FAQ
  • Help
Close

Name

Community

  • Learn
  • Develop
  • Connect

Discover IBM

  • ConnectMarketplace
  • Products
  • Services
  • Industries
  • Careers
  • Partners
  • Support
10.190.13.206

ODM×

Refine your search by using the following advanced search options.

Criteria Usage
Questions with keyword1 or keyword2 keyword1 keyword2
Questions with a mandatory word, e.g. keyword2 keyword1 +keyword2
Questions excluding a word, e.g. keyword2 keyword1 -keyword2
Questions with keyword(s) and a specific tag keyword1 [tag1]
Questions with keyword(s) and either of two or more specific tags keyword1 [tag1] [tag2]
To search for all posts by a user or all posts with a specific tag, start typing and choose from the suggestion list. Do not use a plus or minus sign with a tag, e.g., +[tag1].
  • Ask a question

What SHA algorithms are supported so we can use them to secure IBM BPM and ODM?

270006UY0A gravatar image
Question by S.Baumann  (2871) | Sep 29, 2015 at 09:16 AM bpmsecurityodmrsasha

I would like to know if we need to do anything to ensure Process Server or Process Centre is SHA-2 compliant as we are going to update our security Infrastructure. Our goal is to use SHA-2 for security purpose in the future. Are there any limitation for using SHA-256, SHA-384 or SHA-512 for TLS connections on BPM or ODM?

Additionally please notice, we secure the cells and nodes using SHA-1 (with RSA) encryption at the moment. The same applies to all inbound and outbound services such as CICS, Web Services, HTTPS calls and so on.

People who like this

  0
Comment
10 |3000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster

1 reply

  • Sort: 
270006UY0A gravatar image
Accepted answer

Answer by S.Baumann (2871) | Sep 29, 2015 at 09:18 AM

Referring to information we received from our IBM Security Architects for BPM and ODM, those products rely on the WebSphere Application Server(WAS) version and the underlying Java version for this functionality. Referring to official statements in the WAS Knowledge Center, the above SHA algorithms are supported. (Please make sure, you look up those security aspects for your WAS version)

Moreover, you might also need to check the support for IHS separately. Please have a look at the following dwAnswer post for this: Can IHS 7.0 use SHA-2 (sha224, sha256, sha384, sha512) digest algorithms?

Finally, you can review how to update the default SSL certifactes of WAS in this technote or for IHS in the Knowledge Center. You might also want to review how to convert certificates to use the new minimal strength (SHA254withRSA).

Comment

People who like this

  0   Share
10 |3000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster

Follow this question

59 people are following this question.

Answers

Answers & comments

Related questions

Where can I find more information about the cross-site scripting vulnerability in IBM Business Process Manager (BPM) redirect-login mechanism? 1 Answer

Help with Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Integration Designer and WebSphere Integration Developer (CVE-2015-2808) 1 Answer

Can I anyhow omit/encrypt credentials on the command line for BPM scripts? 2 Answers

Is ODM RES 8.9.1 vulnerable by Spectre and Meltdown on Redhat Linux? 1 Answer

Why do I see process.server.securityAdminUser although JR56981 is in place? 1 Answer

  • Contact
  • Privacy
  • IBM Developer Terms of use
  • Accessibility
  • Report Abuse
  • Cookie Preferences

Powered by AnswerHub

Authentication check. Please ignore.
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Spaces
  • API Connect
  • Analytic Hybrid Cloud Core
  • Application Performance Management
  • Appsecdev
  • BPM
  • Blockchain
  • Business Transaction Intelligence
  • CAPI
  • CAPI SNAP
  • CICS
  • Cloud Analytics
  • Cloud Automation
  • Cloud Object Storage
  • Cloud marketplace
  • Collaboration
  • Content Services (ECM)
  • Continuous Testing
  • Courses
  • Customer Experience Analytics
  • DB2 LUW
  • DataPower
  • Decision Optimization
  • DevOps Services
  • Developers IBM MX
  • Digital Commerce
  • Digital Experience
  • Finance
  • Global Entrepreneur Program
  • Hadoop
  • Hybrid Cloud Core
  • IBM Cloud platform
  • IBM Design
  • IBM Forms Experience Builder
  • IBM Maximo Developer
  • IBM StoredIQ
  • IBM StoredIQ-Cartridges
  • IIDR
  • ITOA
  • InformationServer
  • Integration Bus
  • Internet of Things
  • Kenexa
  • Linux on Power
  • LinuxONE
  • MDM
  • Mainframe
  • Messaging
  • Node.js
  • ODM
  • Open
  • PowerAI
  • PowerVC
  • Predictive Analytics
  • Product Insights
  • PureData for Analytics
  • Push
  • QRadar App Development
  • Run Book Automation
  • Search Insights
  • Security Core
  • Storage
  • Storage Core
  • Streamsdev
  • Supply Chain Business Network
  • Supply Chain Insights
  • Swift
  • UBX Capture
  • Universal Behavior Exchange
  • UrbanCode
  • WASdev
  • WSRR
  • Watson
  • Watson Campaign Automation
  • Watson Content Hub
  • Watson Marketing Insights
  • dW Answers Help
  • dW Premium
  • developerWorks Sandbox
  • developerWorks Team
  • Watson Health
  • More
  • Tags
  • Questions
  • Users
  • Badges