Configuring SSL in the Server


To use SSL, each instance of tibemsd must have a digital certificate and a private key. The server can optionally require a certificate chain or trusted certificates.

Set the server to listen for SSL connections from clients by using the listen parameter in tibemsd.conf. To specify that a port accept SSL connections, specify the SSL protocol in the listen parameter as follows:

listen = ssl://localhost:7243 

SSL Parameters

Several SSL parameters can be set in tibemsd.conf. The minimum configuration is only one required parameter—ssl_server_identity. However, if the server’s certificate file does not contain its private key, then you must specify it in ssl_server_key.

Within Table 18, the section SSL Server Parameters provides a complete description of the SSL parameters that can be set in tibemsd.conf.

Command Line Options

The server accepts a few command-line options for SSL.

When starting tibemsd, you can specify the following options:


TIBCO Enterprise Message Service™ User’s Guide
Software Release 4.3, February 2006
Copyright © TIBCO Software Inc. All rights reserved
www.tibco.com