TLS Security
TIBCO Cloud™ API Management - Local Edition disables Transport Later Security (TLS ) v1.0 out-of-the-box in the Traffic Manager and V3 API. The default settings of Traffic Manager and V3 API can be customized.
Customizing Default Security Settings
The default security settings in both the affected components can be customized by following the steps below before the images are built using the Local EditionInstaller:
- Start the
Local Edition Installer. For more information refer to the
TIBCO Cloud™ API Management - Local Edition Installer section.
For more information refer to the TIBCO Cloud™ API Management - Local Edition Installer section.
- Customize the TLS security settings for Traffic Manager:
a. Open the install-core-tools.sh file at /var/jenkins_home/docker-build/tmgc/install/install-core-tools.sh.
b. Make appropriate changes to the following line:disabled_tls_algorithms='jdk.tls.disabledAlgorithms=SSLv3,SSLv2Hello, TLSv1, RC4, DES, DESede, MD5withRSA, DH keySize < 1024, EC keySize < 224, DES40_CBC, RC4_40'
c. Save the file.
- Customize the TLS security settings for the V3 API in Configuration Manager (Local Edition-Configuration Manager).
- Open the Java security file at /var/jenkins_home/docker-build/tmgc-cm/install/java.security.
- The default entry is as follows:
jdk.tls.disabledAlgorithms=SSLv3,SSLv2Hello, TLSv1, TLSv1.1, RC4, DES, DESede, MD5withRSA, DH keySize < 1024, EC keySize < 224, DES40_CBC, RC4_40
- Make appropriate changes to the above entry, save the file.
- Run the build_docker job to build new images.
Copyright © 2022. Cloud Software Group, Inc. All Rights Reserved.