B2B Data Exchange Installation and Configuration Guide

Enable Transport Layer Security version 1.3

Transport Layer Security (TLS) version 1.3 provides several improvements over earlier versions, such as a simpler and faster TLS handshake and more secure cipher suites.
Perform the following steps to enable TLSv1.3 on the B2B Data Exchange server:
  1. Download the latest available ZULU JDK version 1.8 and deploy it on the machine where the B2B Data Exchange server was deployed.
  2. In setenv.sh/setenv.bat in <DX_HOME>/bin, replace the value of the JAVA_HOME variable with the home path of the JDK that you deployed.
    For example:
    JAVA_HOME="/root/jdk_1.8_u302/zulu8.56.0.21-ca-jdk8.0.302-linux_x64"
  3. In setenv.sh/setenv.bat in <DX_HOME>/bin, uncomment the "if-else" block that updates the JAVA_OPTS variable value.
    For example:
    #rem uncomment below lines to use OpenJSSE instead of SunJSSE for TLSv1.3
    if [ -z "$JAVA_OPTS" ] ; then
      JAVA_OPTS="-XX:+UseOpenJSSE"
    else
      JAVA_OPTS="${JAVA_OPTS} -XX:+UseOpenJSSE"
    fi
    export JAVA_OPTS
  4. Add the following line to the dx-configuration.properties file in <DX_HOME>/conf/server:
    dx.embedded.tomcat.ssl.sslEnabledProtocols=TLSv1.3
  5. Modify the following fields in the server.xml file in <DX_HOME>/tomcat/conf:
    1. Update the sslEnabledProtocols value to TLSv1.3 in the Connector tag section for the secure port.
    2. Remove the existing ciphers and replace them with the following ciphers:
      • TLS_AES_256_GCM_SHA384
      • TLS_CHACHA20_POLY1305_SHA256
      • TLS_AES_128_GCM_SHA256
      If you require both TLSv1.2 and TLSv1.3, add the above ciphers to the existing list.
    3. Ensure that the keystoreType value is "PKCS12".
    4. Update the keystoreProvider value from "SUNJSSE" to "OpenJSSE".
    For example:
    <Connector port="18443" maxHttpHeaderSize="8192" protocol="HTTP/1.1"
               SSLEnabled="true" maxThreads="150" minSpareThreads="25"
               enableLookups="false" disableUploadTimeout="true" acceptCount="100"
               scheme="https" secure="true" clientAuth="false"
               sslProtocol="TLS" sslEnabledProtocols="TLSv1.3"
               URIEncoding="UTF-8" compression="on" compressionMinSize="2048"
               noCompressionUserAgents="gozilla, traviata"
               compressableMimeType="text/html,text/xml,text/css,text/javascript,application/javascript,application/json"
               ciphers="TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256"
               keystoreType="PKCS12" keystoreFile="conf/Default.keystore" keystorePass="changeit"
               keystoreProvider="OpenJSSE" server="unknown" />
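To check the outcome of steps 4 and 5 before restarting the server, the following added example (not part of the original guide and not Informatica code) audits the text of server.xml and dx-configuration.properties against the values listed above. The function names, the allow_tls12 switch for the mixed TLSv1.2/TLSv1.3 case, and the sample inputs are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Cipher suites listed in step 5 of the procedure.
TLS13_CIPHERS = {"TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256",
                 "TLS_AES_128_GCM_SHA256"}

def _csv(value):
    """Split a comma-separated attribute into a set of trimmed tokens."""
    return {v.strip() for v in (value or "").split(",") if v.strip()}

def audit_server_xml(xml_text, allow_tls12=False):
    """Return findings for each SSL-enabled Connector; an empty list means compliant."""
    allowed = {"TLSv1.3", "TLSv1.2"} if allow_tls12 else {"TLSv1.3"}
    secure = [c for c in ET.fromstring(xml_text).iter("Connector")
              if c.get("SSLEnabled", "").lower() == "true"]
    if not secure:
        return ["no Connector with SSLEnabled=true"]
    findings = []
    for c in secure:
        where = "port " + c.get("port", "?")
        protocols, ciphers = _csv(c.get("sslEnabledProtocols")), _csv(c.get("ciphers"))
        if "TLSv1.3" not in protocols:
            findings.append(where + ": TLSv1.3 not enabled")
        findings += [f"{where}: protocol {p} not allowed" for p in sorted(protocols - allowed)]
        findings += [f"{where}: missing cipher {s}" for s in sorted(TLS13_CIPHERS - ciphers)]
        if not allow_tls12:  # a TLSv1.3-only connector should list nothing else
            findings += [f"{where}: extra cipher {s}" for s in sorted(ciphers - TLS13_CIPHERS)]
        for attr, want in (("keystoreType", "PKCS12"), ("keystoreProvider", "OpenJSSE")):
            if c.get(attr) != want:
                findings.append(f"{where}: {attr} is {c.get(attr)!r}, expected {want!r}")
    return findings

def audit_properties(text):
    """Check the step 4 line in dx-configuration.properties."""
    key = "dx.embedded.tomcat.ssl.sslEnabledProtocols"
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and name.strip() == key:
            return [] if "TLSv1.3" in _csv(value) else [f"{key} lacks TLSv1.3"]
    return [f"{key} not set"]

# Constructed sample: a connector left half-migrated (old provider, TLSv1.1 still on).
SAMPLE = """<Server><Service><Connector port="18443" SSLEnabled="true"
  sslEnabledProtocols="TLSv1.1,TLSv1.3" keystoreType="PKCS12" keystoreProvider="SUNJSSE"
  ciphers="TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256" /></Service></Server>"""

if __name__ == "__main__":
    for finding in audit_server_xml(SAMPLE) + audit_properties("unrelated.key=value"):
        print(finding)
```

In practice, pass the contents of <DX_HOME>/tomcat/conf/server.xml and <DX_HOME>/conf/server/dx-configuration.properties to the two functions.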
