The TIBCO Enterprise Message Service™ 10.2.0, TIBCO FTL® 6.8.0, TIBCO eFTL® 6.8.0, and TIBCO Rendezvous® 8.6.0 releases and later will require strengthening ciphers and certificates, and removing older, exploitable protocols. These releases are introducing a new set of minimum requirements that will affect the backwards compatibility of older certificates, ciphers and keys.

As part of strengthening security, recent versions of TIBCO Messaging products including TIBCO Enterprise Message Service, TIBCO eFTL, and TIBCO Rendezvous have transitioned from OpenSSL 1.1.1 to OpenSSL 3.0. Among other things, in order to support PKCS#12 files encrypted in a way that is supported by OpenSSL 3.0, this introduces the requirement that TIBCO BusinessEvents instances run with the specified minimum builds (or later) of the following versions of Java: 8u301 (Oracle), 8u342 (OpenJDK), 11.0.2 (OpenJDK), 11.0.16 (Oracle).
 
For an extensive description of the specifics and other requirements, please refer to the following article:
https://support.tibco.com/s/article/LBN-for-Advisory-on-legacy-Certificates-Used-with-TIBCO-Messaging