Configure SSL Button

The Configure SSL button allows you to specify the SSL parameters for the HTTP request. The following are the fields in the SSL Configuration for HTTPS Client Requests dialog:

Field

Description

Trusted Certificates Folder

Folder in the project containing one or more certificates from trusted certificate authorities. This folder is checked when a client connects to the HTTP server to ensure that the server is trusted. This prevents connections to rogue servers.

Identity

This is an Identity resource that contains the client’s digital certificate and private key.

For more information, see TIBCO Designer™ Palette Reference.

Verify Host Name

This field specifies to check the host name of the HTTP server against the host name listed in the server’s digital certificate. This provides additional verification that the host name you believe you are connecting to is in fact the desired host.

If the host name specified in the Host field on the Configuration tab is not an exact match to the host name specified in the server’s digital certificate, the connection is refused.

Note: If you specify an equivalent hostname (for example, an IP address) in the Host field, but the name is not an exact match of the hostname in the host’s digital certificate, the connection is refused.

Strong Cipher Suites Only

When checked, this field specifies that the minimum strength of the cipher suites used can be specified with the bw.plugin.security.strongcipher.minstrength custom engine property. For more information about this property, see TIBCO ActiveMatrix BusinessWorks™ Administration. The default value of the property disables cipher suites with an effective key length below 128 bits.

When this field is unchecked, only cipher suites with an effective key length of up to 128 bits can be used.

Note: Server Name Indication (SNI) is available only when the security provider is J2SE

and is enabled by default with this provider. Set the property jsse.enableSNIExtension to false to disable the SNI extension.