EMS servers can use SSL for secure data exchange (standard usage), or only for client authentication. This section describes the use of SSL for client authentication.
Some applications require strong or encrypted authentication, but do not require message encryption.
In this situation, application architects could configure SSL with a null cipher. However, this solution incurs internal overhead costs of SSL calls, decreasing message speed and throughput.
For optimal performance, the preferred solution is to use SSL only to authenticate clients, and then avoid SSL calls thereafter, using ordinary TCP communications for subsequent data exchange. Message performance remains unaffected.
All three of these preconditions must be satisfied to use SSL only for authentication:
ssl_auth_only
in the main configuration file.ssl_auth_only
, or programs can call the Java method TibemsSSL.setAuthOnly
(or the equivalent C function, tibemsSSLParams_SetAuthOnly).
TIBCO Enterprise Message Service™ User’s Guide Software Release 4.3, February 2006 Copyright © TIBCO Software Inc. All rights reserved www.tibco.com |