When BW 5.12uses the security vendor "j2se" and acts as a client, it fails when the server does not support TLSv1 but uses SSLv3,reporting "bad_record_MAC". Using "entrust61" will work.

When BW 5.12uses the security vendor "j2se" and acts as a client, it fails when the server does not support TLSv1 but uses SSLv3,reporting "bad_record_MAC". Using "entrust61" will work.

book

Article ID: KB0093576

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks -
Not Applicable -

Description

Resolution:
Using J2SE would ask for one more engine property: java.property.com.sun.net.ssl.rsaPreMasterSecretFix=true

or use the default security vendor "entrust61".

You could set up a SSL server by: F:\tibco\ems\8.1\samples\certs>openssl s_server -accept 9999 -key client.key.pem -cert client.cert.pem -www -no_tls1 -debug . Refer KB 41062 for more information.

See the following attachments for reference. (Filename: emsclient.p12, P12File_Identity.zip).

Issue/Introduction

When BW 5.12uses the security vendor "j2se" and acts as a client, it fails when the server does not support TLSv1 but uses SSLv3,reporting "bad_record_MAC". Using "entrust61" will work.

Additional Information

KB 41062,KB 42339,KB26803

Attachments

When BW 5.12uses the security vendor "j2se" and acts as a client, it fails when the server does not support TLSv1 but uses SSLv3,reporting "bad_record_MAC". Using "entrust61" will work. get_app
When BW 5.12uses the security vendor "j2se" and acts as a client, it fails when the server does not support TLSv1 but uses SSLv3,reporting "bad_record_MAC". Using "entrust61" will work. get_app
Powered by Wolken Software