Data integrity and security is among the top concerns when it comes to integrate diverse applications and systems communicating through public internet with significant potential threats from the cyber attackers. To deal with this, SSL is used which is a standard technology for enabling encrypted secured communication between the two parties. SSL has also gone through various steps of evolution to mitigate the vulnerabilities identified and to introduce more security sophistication in it. This resulted in introduction of various new versions starting from SSL 1.0 (which wasn’t publicly released), SSL 2.0 in 1995, SSL 3.0 in 1996, TLS V1.0 in 1996, TLS V1.1 in 2006 and TLSV1.2 in 2008. In this post, I will talk about how you can Enable TLS V 1.2 in TIBCO BW 5 (BW 5.13).
For the integration solutions developed using TIBCO BW 5.XX, we can add security using these SSL variants. TIBCO BW 5.13 supports TLSV.12 as well but by default it uses TLS V1.0. There can be scenarios where you need to interact with a party which doesn’t support any TLS Version lower than TLS 1.2, so in that case you will have to do the necessary changes so that this version of TLS is used.
For Enabling TLS V1.2 in TIBCO BW 5.13, add the following in bwengine.tra file(available in the path TIBCO_HOME\bw\5.13\bin) :
java.property.TIBCO_SECURITY_VENDOR=j2se
For testing it in debug mode in designer, you need to add the same in designer.tra as well.
After adding the above in the .tra file, restart your engine so that the change takes effect and TLS 1.2 is enabled for future communication.
Thanks for sharing, Ajmal! In order to run locally in Designer I also had to add the same to designer.tra, but this post got me on the right track.
thanks ajmal! can we do tls 1.2 changes specific to a Http soap call
Hi Ajmal,
How do i enable TLS1.2 in Tibco BW5.12?
These steps are for BW 5.XX including 5.12.
hi Ajmal,
the TLS V1.2 is supporting also BW 5.9.3?
TLS 1.2 is supported from 5.12 (with hotfix). 5.13 and above comes with out of box TLS1.2 support.
Hi Giuseppe,
Did you find a solution for 5.9.3? I am facing same problem 🙁
Hi Ajmal,
I am using the following TIBCO 5 Products in my Linux Server:
Adapter
bw
designer
hawk
tibcojre64
tibrv
tpcl
tra
Could you please tell me where else I need to add the java property line in the config files for the TLS v1.2 to support TIBCO 5 poducts apart from bw and designer?
Hi Ajmal,
Can TLS 1.3 be integrated using above steps on BW515.
Thanks