How to set the minimum TLS version when connecting to a secured DataGrid?
Article ID: KB0073499
Updated On:
| Products | Versions |
|---|---|
| TIBCO BusinessEvents Enterprise Edition | 5.5 and later |
Description
Our BusinessEvents application connects to a secured ActiveSpaces DataGrid. A security vulnerability scan flagged our BusinessEvents application for allowing TLS 1.0 connections on the listen port for the ActiveSpaces DataGrid. How can we enforce a minimum (i.e. earliest) allowed TLS version in this case?
Issue/Introduction
Describes how to enforce a minimum-allowed TLS version for secured DataGrid connections.
Environment
All Supported Platforms
Resolution
Upgrade to ActiveSpaces 2.4.1 HF6 (or later) to take advantage of the newer configuration option min_tls_version. Set this in the ActiveSpaces security policy file, for example..
min_tls_version=TLS1.1
The above example will not allow connections using TLSv1.0 and earlier.
Feedback
Yes
No
Powered by
