How to solve 'Unable to proceed: all ciphers have been removed by user preference'

How to solve 'Unable to proceed: all ciphers have been removed by user preference'

book

Article ID: KB0073095

calendar_today

Updated On:

Products

TIBCO ActiveMatrix BusinessWorks

Description

Depending on the cipher suites available on client side, there are cases when after upgrading to EMS 8.5.x client, BW cannot create a connection to the EMS server because there is no cipher suite available.  You may see the following error message in BW:

BW-JMS-100005 Could not create connection with JMS server.[javax.naming.AuthenticationException: Not permitted: Unable to proceed: all ciphers have been removed by user preference [Root exception is javax.jms.JMSSecurityException: Unable to proceed: all ciphers have been removed by user preference]]

 

Issue/Introduction

How to solve 'Unable to proceed: all ciphers have been removed by user preference'

Resolution

Enable "Strong Cipher Suites Only" in SSL Connection. Add the following property to the <application>.tra file and restart BW application. If running in Designer, add the property to a file named properties.cfg under the location specified for java.property.user.dir in designer.tra.
-----------
bw.plugin.security.strongcipher.minstrength=DISABLED_CIPHERS_EXPORTABLE
-----------

By default, with 'Strong Cipher Suites Only' option selected, BW EMS client doesn't use the same strong cipher suites as BW HTTP client, in case of BW as EMS client, cipher suite selection works differently than BW as HTTP client.
 

Additional Information

https://support.tibco.com/s/article/BW-EMS-client-doesn-t-use-the-same-strong-cipher-suites-as-BW-HTTP-client