SSL Support in TIBCO Enterprise Message Service

TIBCO Enterprise Message Service supports the Secure Sockets Layer (SSL) protocol.

SSL uses public and private keys to encrypt data over a network connection to secure communication between pairs of components:

  • between an EMS client and the tibemsd server
  • between the tibemsadmin tool and the tibemsd server
  • between two routed servers
  • between two fault-tolerant servers
  • between the Central Administration server and tibemsd servers
  • between the Central Administration server and Web browsers

SSL provides secure communication that works with other mechanisms for authentication available in the EMS server. When authorization is enabled in the server, the connection undergoes a two-phase authentication process. First, an SSL hand-shake between client and server initializes a secure connection. Second, the EMS server checks the credentials of the client using the supplied username and password. If the connecting client does not supply a valid username and password combination, the connection fails, even if the SSL handshake succeeded.

Tip: When authorization is enabled, usernames and passwords are always checked, even on SSL secured connections.