Clients using TLS v1, TLS v1.1 protocols cannot connect to secure HTTP service implemented on BW 6.5.1

Clients using TLS v1, TLS v1.1 protocols cannot connect to secure HTTP service implemented on BW 6.5.1

book

Article ID: KB0077366

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks 6.5.1

Description

With TIBCO ActiveMatrix 6.5.1 GA release, product has upgraded its Jetty version to v9.4, please refer to BW 6.5.1 Release notes > Changes in Functionality

Due to potential security vulnerabilities in older SSL/TLS protocols, BW 6.5.1 or precisely, Jetty version in BW 6.5.1 by default supports only TLS v1.2 protocol, please refer Jetty product documentation to know more about this restriction.

This also means that, BW 6.5.1 no more supports TLS v1.0, v1.1 and SSL v3 protocols for secure connections. With this change, http based SSL clients which were working fine on lower environments than BW 6.5.1, will not be able to establish the SSL connection with HTTP based services that are exposed on BW 6.5.1.

Issue/Introduction

Clients using TLS v1, TLS v1.1 protocols cannot connect to secure HTTP service after upgrading to BW 6.5.1

Environment

TIBCO BW 6.5.1 being used to expose SSL based HTTP service

Resolution

This is a known fact & a restriction imposed by underlying HTTP server implementation. In order to avoid connection failures, TIBCO strongly recommend their customers to upgrade their SSL clients from any of lower protocols mentioned above to TLS v1.2. If upgrading the HTTP client protocols is strictly out of scope, please contact TIBCO support
Powered by Wolken Software