How to restrict CA Privileged Identity Manager Message Queue (Tibco) SSL ciphers.

Document ID : KB000047642
Last Modified Date : 14/02/2018
Show Technical Document Details


sslscan of port 7243 shows vulnerable ciphers


Enterprise Manager 12.8+

Tibco 8.2.2


You can update which ciphers CA Privileged Identity Manager Message Queue (Tibco) to be more secure and disable unwanted ones. 

Edit the tibemsd.conf file on ALL management servers and edit tokens as follows


ssl_dh_size = 2048 

Additional Information:

Tibco patch to 8.2.2 is required for these settings to work correctly. This patch is only provided by a Support case. You can verify your version by running the Start EMS Administration Tool (tibemsadmin) which will show you the version in the copyright.