set CipherSpec to ANY_TLS12 and refresh security (#362)

cmd/runmqserver/tls.go

@@ -73,12 +73,9 @@ func configureWebTLS(label string) error {
 func configureTLSDev() error {
 	const mqsc string = "/etc/mqm/20-dev-tls.mqsc"
 	const mqscTemplate string = mqsc + ".tpl"
-	const sslCipherSpec string = "TLS_RSA_WITH_AES_128_CBC_SHA256"
 
 	if os.Getenv("MQ_DEV") == "true" {
-		err := mqtemplate.ProcessTemplateFile(mqscTemplate, mqsc, map[string]string{
+		err := mqtemplate.ProcessTemplateFile(mqscTemplate, mqsc, map[string]string{}, log)
-			"SSLCipherSpec": sslCipherSpec,
-		}, log)
 		if err != nil {
 			return err
 		}

etc/mqm/15-tls.mqsc.tpl

@@ -16,4 +16,4 @@
 * Set the keystore location for the queue manager
 ALTER QMGR SSLKEYR('{{ .SSLKeyR }}')
 ALTER QMGR CERTLABL('{{ .CertificateLabel }}')
-
+REFRESH SECURITY(*) TYPE(SSL)

incubating/mqadvanced-server-dev/20-dev-tls.mqsc.tpl

@@ -14,5 +14,5 @@
 * limitations under the License.
 
 * Set the cipherspec for dev channels
-ALTER CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH({{ .SSLCipherSpec }}) SSLCAUTH(OPTIONAL)
+ALTER CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12) SSLCAUTH(OPTIONAL)
-ALTER CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH({{ .SSLCipherSpec }}) SSLCAUTH(OPTIONAL)
+ALTER CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12) SSLCAUTH(OPTIONAL)