The TIBCO Platform is a real-time, composable data platform that will bring together an evolving set of your TIBCO solutions - and it's available now!
A chart showing the TIBCO Platform vision
Jump to content
Forums
Ask questions and gain insight from discussions

Tibco Client is not able to connect to Tibco EMS server v8.3 on TLS v1.2


JOANNE -

Recommended Posts

Hi,

We have a Tibco client using the client libraries v8.3 configured in Weblogic who's unable to connect to Tibco EMS server on TLS v1.2.

The error message is below:

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

at com.ibm.jsse2.aa.(aa.java:95)

at com.ibm.jsse2.ab.(ab.java:60)

at com.ibm.jsse2.bb.a(bb.java:232)

at com.ibm.jsse2.bj.a(bj.java:313)

at com.ibm.jsse2.bj.startHandshake(bj.java:160)

at com.tibco.security.ssl.ooOO.B.doHandshake(SSLClientImpl.java:325)

at com.tibco.tibjms.TibjmsxLinkSSL.connect(TibjmsxLinkSSL.java:399)

at com.tibco.tibjms.TibjmsConnection._create(TibjmsConnection.java:1302)

at com.tibco.tibjms.TibjmsConnection.(TibjmsConnection.java:4182)

at com.tibco.tibjms.TibjmsQueueConnection.(TibjmsQueueConnection.java:36)

at com.tibco.tibjms.TibjmsxCFImpl._createImpl(TibjmsxCFImpl.java:200)

at com.tibco.tibjms.TibjmsxCFImpl._createConnection(TibjmsxCFImpl.java:253)

at com.tibco.tibjms.TibjmsQueueConnectionFactory.createQueueConnection(

at com.tibco.tibjms.naming.TibjmsContext$Messenger.request(TibjmsContext.java:325)

at com.tibco.tibjms.naming.TibjmsContext.lookup(TibjmsContext.java:657)

at com.tibco.tibjms.naming.TibjmsContext.lookup(TibjmsContext.java:491)

Has someone encountered this error We can connect on TLS V1.0 but company requirement is TLS V1.2.

Is there a configuration in the Tibco client libraries needed to use TLS v1.2

Thanks.

Link to comment
Share on other sites

IF you want to use TLSv1.2 , you also need to have Unrestricted JCE policy jars installed in the Java /lib/security on the JVM running on the client machine . If your java security settings are correct , enable ssl_trace and ssl_debug_trace and capture the detailed ssl handshake logs from your application side and analyze the o/p . See what all ciphers are being used by client while connecting to EMS .Compare the ssl_cipher settings in the tibemsd.conf of ems .

Also please check the EMS documentation and release notes to make sure that EMS 8.3 supports TLSv1.2 . I doubt that EMS 8.3 fully supports TLSv1.2 .

If TLSv1.2 is not explicitly supported , you should consider migrating to EMS 8.6 and your client applications should use the ems 8..6 clients . Hope this helps .

 

Warm Regards,

VInay

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...