Clients using TLS v1, TLS v1.1 protocols cannot connect to secure HTTP service implemented on BW 6.5.1
Article ID: KB0077366
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | 6.5.1 |
Description
With TIBCO ActiveMatrix 6.5.1 GA release, product has upgraded its Jetty version to v9.4, please refer to BW 6.5.1 Release notes > Changes in Functionality
Due to potential security vulnerabilities in older SSL/TLS protocols, BW 6.5.1 or precisely, Jetty version in BW 6.5.1 by default supports only TLS v1.2 protocol, please refer Jetty product documentation to know more about this restriction.
This also means that, BW 6.5.1 no more supports TLS v1.0, v1.1 and SSL v3 protocols for secure connections. With this change, http based SSL clients which were working fine on lower environments than BW 6.5.1, will not be able to establish the SSL connection with HTTP based services that are exposed on BW 6.5.1.
Environment
TIBCO BW 6.5.1 being used to expose SSL based HTTP service
Resolution
This is a known fact & a restriction imposed by underlying HTTP server implementation. In order to avoid connection failures, TIBCO strongly recommend their customers to upgrade their SSL clients from any of lower protocols mentioned above to TLS v1.2. If upgrading the HTTP client protocols is strictly out of scope, please contact TIBCO support
Issue/Introduction
Clients using TLS v1, TLS v1.1 protocols cannot connect to secure HTTP service after upgrading to BW 6.5.1
Was this article helpful?
Yes
No
Powered by
