sslscan of port 7243 shows vulnerable ciphers
Enterprise Manager 12.8+
You can update which ciphers CA Privileged Identity Manager Message Queue (Tibco) to be more secure and disable unwanted ones.
Edit the tibemsd.conf file on ALL management servers and edit tokens as follows
ssl_server_ciphers = !RC4-MD5:!RC4-SHA:!DES-CBC-SHA:!EXP-RC4-MD5:!EXP-DES-CBC-SHA:!EDH-DSS-DES-CBC-SHA:!EDH-RSA-DES-CBC-SHA:!EXP-EDH-DSS-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EDH-RSA-DES-CBC-SHA:!DES-CBC-SHA:!EDH-RSA-DES-CBC-SHA:!DES-CBC-SHA:ALL
ssl_dh_size = 2048
Tibco patch to 8.2.2 is required for these settings to work correctly. This patch is only provided by a Support case. You can verify your version by running the Start EMS Administration Tool (tibemsadmin) which will show you the version in the copyright.