Registering SSL-Enabled EMS Servers

TIBCO Enterprise Message Service supports the Secure Sockets Layer (SSL) protocol. The TEA agent for TIBCO Enterprise Message Service allows you to register SSL-enabled TIBCO Enterprise Message Service servers.

Prerequisites

  • The TIBCO Enterprise Message Service server must be configured to use the SSL protocol.
  • The TIBCO Enterprise Message Service server must be running.

Procedure

  1. Make sure that the TIBCO Enterprise Message Service server has been configured to use the SSL protocol. If not, refer to TIBCO Enterprise Message Service User’s Guide, Chapter 20, SSL Support in TIBCO Enterprise Message Service for details on configuring the server.
  2. In the Server Management page click Register Server.
  3. In the Register Server dialog, click the SSL Settings link to open the SSL Parameters dialog.
  4. Enter the information in the following fields:

    Client Identity: Upload the client's digital certificate.

    Trusted Certificate: Upload the root certificate of the CA that issued the server certificate.

    Expected Server's Hostname: The hostname that appears in the CN field of the server's certificate. If the CN field was not set in the certificate, enter the hostname of the server. This value will be used if you select the Verify Server's Hostname check box.

    Private Key Password: Enter the password for the client's private key.

    Cipher Suites: Enter a colon-separated list of the names of the cipher suites that the client is allowed to use.

    Verify Server's Hostname: Select this field if you want the client to verify the hostname of the server with the value for the CN field in the server's certificate.

    Verify Server Certificate: Select this field if you want the client to verify the server's certificate or identity.

  5. Click Done.
  6. Click Register Server.