TEA server to support the TLS setting exposed by JETTY server.

Below are the Ciphersuites properties for Including/Excluding Strong/Weak Ciphers.

tea.server.IncludeCipherSuites
tea.server.ExcludeCipherSuites

Product:TIBCO Enterprise Administrator(TEA) , TIBCO Enterprise Administrator(TEA) -SDK. Version:2.3.0 Hotfix:05 OS:ALL

Steps to implement:

1) Install TEA 2.3.0 hotfix 05
2) Edit the tea.conf file under $tea-home/cfgmgmt/tea/conf directory.
3) Add the below property to include TLSv 1.2 strong ciphers.

tea.server.includeCipherSuites="TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"

4) To exclude Weak Ciphers Add the below property

  tea.server.ExcludeCipherSuites="^.*_(MD5|SHA|SHA1)$"

5) Restart the TEA Server.

PS:  Above provided cipher property values are for reference, can be modified as per requirement.

 
 

TEA 2.3.0 hotfix 05 allows TEA server to Include Strong TLS Ciphers and exclude Week Ciphers.

Please refer to TLS settings at 
http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites