Monday, November 19, 2018

To enable TLS v1.2 in TIBCO BW 5.13


       TIBCO ActiveMatrix BusinessWorks can use Secure Socket Layer (SSL) to provide secure communication. The successor of SSL is Transport Layer Security(TLS). The TLS protocol provides communications privacy over the Internet. The protocol allows clinet/server applications to communicate in a way that is designed to prevent eavesdropping, tampering or message forgery.

          In real time, We might see applications which are developed in BW 5.13 interact with third party applications uses SOAP/HTTPs (or) any HTTPs service enabled with SSL using TLS v1.2 certificates but by default, BW 5.13 uses TLS v1.0 for SSL communication and we might encounter timeout issues while interacting with these applications/services.

     We can resolve this issue by adding below JAVA property to bwengine.tra file located in <<TIBCO_HOME>>\bw\5.13\bin folder.

java.property.TIBCO_SECURITY_VENDOR=j2se

       For deployed applications, we can add it to <<application>>.tra file localted in <<TIBCO_HOME>>\tra\domain\<<DOMAIN_NAME>>\application\<<application_name>> folder and make sure to restart the corresponding applications/services once after done with the changes.

To debug in designer, add this property to designer.tra(under <<TIBCO_HOME>>\designer\5.10\bin folder) file along with bwengine.tra file.

Note :
To check the TLS compatibility, check the java version used by your <<TIBCO_HOME>> and refer to below table for JAVA versions and it's corresponding compatible TLS versions.

Java VersionSSL/TLS defaultOther Supported Versions
Java 6TLS v1.0TLS v1.0, SSLv3.0*
Java 7TLS v1.0TLS v1.2, TLS v1.1, SSLv3.0*
Java 8TLS v1.2TLS v1.1,TLS v1.0, SSLv3.0*



1 comment:

  1. Thank you so much for this valuable information. It saved my time today. I'm glad google recommended this article when I search for TLS 1.2 enforcement in TIBCO.

    ReplyDelete

back to top