Why it is advised to have RV version 8.4.5 or more for EMS 8.3 ?
Article ID: KB0075714
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | 8.3 |
Description
From the supporting document it is advised to have RV version 8.4.5 or more for EMS 8.3
Is there is any specific reasons for having the RV 8.4.5 for EMS 8.3.0 or any known issues for using the lower versions of RV?
Is there is any specific reasons for having the RV 8.4.5 for EMS 8.3.0 or any known issues for using the lower versions of RV?
Issue/Introduction
To enforce TLS 1.2 protocol you will need RV 8.4.5 .
Environment
All
Resolution
Here is the reason why it is recommended to use RV 8.4.5
--RV 8.4.0
RV 8.3.x, 8.4.0, 8.4.1, 8.4.2 depends on OpenSSL 0.9.8, which by default offers TLS 1.0 and SSLV3
RV 8.4.4 depends on OpenSSL 1.0.1p, which by default offers TLS 1.0
RV 8.4.5 depends on OpenSSL 1.0.2f, which by default offers TLS 1.0, TLS 1.1 and TLS 1.2
where as RV 8.4.0 supports only TLS 1.0
Now coming towards EMS perspective ,
--EMS 8.3.0:
EMS 8.3 relies on OpenSSL 1.0.2f. It is fully tested with TLSv 1.2 protocol and ciphers. It supports TLS 1.2, TLS 1.1 and TLS 1.0.
Since 8.3, EMS starts to support TLS 1.2 protocol, the EMS user guide lists all the TLS 1.2 cipher suites supported by JAVA. JAVA 8 supports all those TLS 1.2 cipher suites. JAVA 7 only supports part of the TLS 1.2 cipher suites.
If you specify the TLSv1.2 cipher suites listed in EMS User's Guide in the EMS server configuration, the server will only allow SSL connections using the TLSv1.2 protocol.
So it is strongly recommended to you to upgrade RV 8.4.5 which supports TLS 1.0, TLS 1.1 and TLS 1.2
Note: If you need to enforce TLS 1.2 protocol, both EMS server and client need to be version 8.3+. and RV 8.4.5
--Here is the summary of what we want to explain: You can use RV 8.4.4 along with EMS 8.3 as long as you are using TLS 1.0 but as I explained above to enforce TLS 1.2 protocol you will need RV 8.4.5 .
--RV 8.4.0
RV 8.3.x, 8.4.0, 8.4.1, 8.4.2 depends on OpenSSL 0.9.8, which by default offers TLS 1.0 and SSLV3
RV 8.4.4 depends on OpenSSL 1.0.1p, which by default offers TLS 1.0
RV 8.4.5 depends on OpenSSL 1.0.2f, which by default offers TLS 1.0, TLS 1.1 and TLS 1.2
where as RV 8.4.0 supports only TLS 1.0
Now coming towards EMS perspective ,
--EMS 8.3.0:
EMS 8.3 relies on OpenSSL 1.0.2f. It is fully tested with TLSv 1.2 protocol and ciphers. It supports TLS 1.2, TLS 1.1 and TLS 1.0.
Since 8.3, EMS starts to support TLS 1.2 protocol, the EMS user guide lists all the TLS 1.2 cipher suites supported by JAVA. JAVA 8 supports all those TLS 1.2 cipher suites. JAVA 7 only supports part of the TLS 1.2 cipher suites.
If you specify the TLSv1.2 cipher suites listed in EMS User's Guide in the EMS server configuration, the server will only allow SSL connections using the TLSv1.2 protocol.
So it is strongly recommended to you to upgrade RV 8.4.5 which supports TLS 1.0, TLS 1.1 and TLS 1.2
Note: If you need to enforce TLS 1.2 protocol, both EMS server and client need to be version 8.3+. and RV 8.4.5
--Here is the summary of what we want to explain: You can use RV 8.4.4 along with EMS 8.3 as long as you are using TLS 1.0 but as I explained above to enforce TLS 1.2 protocol you will need RV 8.4.5 .
Feedback
Yes
No
Powered by
