TLS Support in TIBCO Enterprise Message Service
TIBCO Enterprise Message Service supports the Transport Layer Security (TLS) protocol.
TLS uses public and private keys to encrypt data over a network connection to secure communication between pairs of components:
- between an EMS client and the
tibemsd
server - between the
tibemsadmin
tool or API and the tibemsd server - between MSGMX and the
tibemsd
server - between two routed servers
- between two fault-tolerant servers (not applicable when using FTL stores)
TLS provides secure communication that works with other mechanisms for authentication available in the EMS server. When
authorization
is enabled in the server, the connection undergoes a two-phase authentication process. First, a TLS hand-shake between client and server initializes a secure connection. Second, the EMS server checks the credentials of the client using the supplied username and password. If the connecting client does not supply a valid username and password combination, the connection fails, even if the TLS handshake succeeded.