TIBCO BusinessEvents - Advisory on Legacy certificates used with TIBCO Messaging

TIBCO BusinessEvents - Advisory on Legacy certificates used with TIBCO Messaging

book

Article ID: KB0107949

calendar_today

Updated On:

Products Versions
TIBCO BusinessEvents Enterprise Edition 6.x
TIBCO FTL 6.8.0
TIBCO eFTL 6.8.0

Description

The TIBCO Enterprise Message Service™ 10.2.0, TIBCO FTL® 6.8.0, TIBCO eFTL® 6.8.0, and TIBCO Rendezvous® 8.6.0 releases and later will require strengthening ciphers and certificates, and removing older, exploitable protocols. These releases are introducing a new set of minimum requirements that will affect the backwards compatibility of older certificates, ciphers and keys.

Environment

All Supported Platforms

Resolution

As part of strengthening security, recent versions of TIBCO Messaging products including TIBCO Enterprise Message Service, TIBCO eFTL, and TIBCO Rendezvous have transitioned from OpenSSL 1.1.1 to OpenSSL 3.0. Among other things, in order to support PKCS#12 files encrypted in a way that is supported by OpenSSL 3.0, this introduces the requirement that TIBCO BusinessEvents instances run with the specified minimum builds (or later) of the following versions of Java: 8u301 (Oracle), 8u342 (OpenJDK), 11.0.2 (OpenJDK), 11.0.16 (Oracle).
 
For an extensive description of the specifics and other requirements, please refer to the following article:
https://support.tibco.com/s/article/LBN-for-Advisory-on-legacy-Certificates-Used-with-TIBCO-Messaging
 

Issue/Introduction

In recent releases, TIBCO Enterprise Message Service, TIBCO FTL/eFTL, and TIBCO Rendezvous will require strengthening ciphers and certificates, and removing older, exploitable protocols, as result of support for OpenSSL 3.0