How to use "Elliptical Curve Cryptography (ECC)" Cipher in BW?

How to use "Elliptical Curve Cryptography (ECC)" Cipher in BW?

book

Article ID: KB0086020

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks -
Not Applicable -

Description

Resolution:
[SME-Comments] Support-Only
Environment
==========
ALL

Description
============
BW client cannot connect to WAS server v7.x because the WAS server requires the client to handle "Elliptical Curve Cryptography (ECC)" Cipher.  The exception is:

javax.net.ssl.SSLException: Received fatal alert: unexpected_message

From the following SSL stacktrace it shows BW does not present the ECC cipher to server in ClientHello message.

*** ClientHello, TLSv1
RandomCookie:  GMT: 1378346768 bytes = { 39, 42, 109, 176, 207, 142, 233, 18, 15, 67, 255, 97, 229, 152, 138, 79, 36,

245, 4, 230, 164, 140, 6, 101, 192, 234, 91, 115 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_AES_128_CBC_SHA,

SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE
_CBC_SHA, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,

SSL_DHE_DSS_WITH_RC4_128_SHA, SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA,

SSL_ECDH_ECDSA_WIT
H_AES_128_CBC_SHA, SSL_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_ECDHE_ECDSA_WITH_RC4_128_SHA,

SSL_ECDHE_RSA_WITH_RC4_128_SHA, SSL_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ECDH_RSA_WITH_RC4_128_SHA,

SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDHE_RSA_W
ITH_3DES_EDE_CBC_SHA, SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,

SSL_RENEGO_PROTECTION_REQUEST]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp192r1, secp224r1, secp384r1, secp521r1, secp160k1, secp160r1,

secp160r2, secp192k1, secp224k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
WRITE: TLSv1 Handshake, length = 125
READ: TLSv1 Alert, length = 2
RECV TLSv1 ALERT:  fatal, unexpected_message
called closeSocket()
handling exception: javax.net.ssl.SSLException: Received fatal alert: unexpected_message

Resolution
==========
Java 7 adds Elliptical Curve cryptography support. You can find security provider "SunEC" in java.security file.

security.provider.3=sun.security.ec.SunEC

BW 5.11 supports java 7. So you need to upgrade TRA to 5.8 and BW to 5.11.

Issue/Introduction

How to use "Elliptical Curve Cryptography (ECC)" Cipher in BW?