Public and Private Keys

TIBCO BusinessConnect Container Edition uses both PKI and PGP encryption methods to validate private and public keys. Both in PKI and in PGP method, each key pair has a public and a private part and messages are encrypted with the public part of the key and can only be decrypted with the associated private part of the key. This is done to ensure that only the intended recipient of the message can actually read it.

For creating and verifying signatures on messages, the holder of the private part of the key pair uses the private key to sign the message. Entities, which have the public part of the key pair are then able to verify that the signature on the message was created by the holder of the private part of the key pair and therefore be assured that the message was sent by the holder of the private part of the key pair.

The following keys are supported in TIBCO BusinessConnect Container Edition:

Type of Key Description
Public Keys These keys are provided to the trading partners so that they can encrypt data and verify signatures.
  • For PKI: PKCS#7 public key identity format, which comes in the following fileformats: .p7b and .p7c. .Storing of individual X509 certificates in PEM (base64) andDER (ASN.1 Distinguished Encoding) formats is also supported.
  • For PGP: Supported types are DSA/ElGamal and RSA public key
Private Keys Used to decrypt data and sign messages. The extension of the private key file name is most commonly referenced as .p12, but it may be anything else as long as the data in the file is compliant with the PKCS#12 specification.

Supported types for PGP are DSA/ElGamal and RSA private keys.

SSH Private and Public Keys Used to support the SSHFTP transport in TIBCO BusinessConnect Container Edition.