Use this page to create a new listener.
To create a new listener:
- Click
* New Listener.
- Modify the listener properties as required.
- Click
Save.
The properties for a listener are:
- Name
- Specify the unique name of the listener, up to 255 characters in length. You cannot include angle brackets (<>) or ampersands
(&) in the name.
- Legacy Micro Focus Application Format
- Check this if you want the listener to handle non-standard TCP/IP flows, for example, for Fileshare clients.
- Protocol
- This can be set to tcp or smem for shared memory protocols.
- Hostname or IP Address
- This can be a single hostname or multiple IP addresses that can be either IPv4 or IPv6.
Note: Specifying 0.0.0.0 binds on all available IPv4 addresses. Specifying :: binds on all available IPv6 addresses. Specifying
* binds on all available IPv4 and IPv6 addresses.
- port
- This must be a valid port or an asterisk * which indicates that the address is dynamically assigned for the listener when
it starts.
To add additional addresses, click the
+ icon . To remove an addresses, click the
- icon.
Note: If this network address is not unique in the repository, this might cause listener start-up problems.
For an enterprise server instance, you can create a secure listener to encrypt the communications it handles. To do this,
click
TLS Settings, this expands the
TLS Settings group.
You must specify the following fields:
- Enable TLS
- Enables Transport Layer Security (TLS) for this communications process.
- Certificate File
- The location, on disk, of the certificate. If multiple certificates are used, separate the paths with a semicolon ';'.
- Keyfile
- The location, on disk, of the keyfile. If multiple keyfiles are used, separate the paths with a semicolon ';'.
TLS Advanced Settings
Optionally, click
Advanced to expand the advanced group of options:
- Client Authentication
-
- Accept all clients
- Allow all clients to communicate with the server without being checked for a TLS/SSL certificate.
- Request client certificate, and verify if present
- Requests the client for a certificate, and to verify the returned certificate. If the client does not return a certificate,
communication continues between the client and server. If a certificate is returned and it fails to verify, communication
stops.
Note: If you select this, you must specify the CA root certificates file.
- Require client certificate, and verify
- Always require a client certificate and to verify it. This ensures that the client is trusted. If a certificate is not returned
or it cannot be verified, communication between the client and server is stopped.
Note: If you select this, you must specify the CA root certificates file.
- Honor Server Cipher List
- By default, the TLS
Honor Server Cipher List is checked. This forces clients to use the protocols and cipher suites specified in order of their priority.
- Protocols
- The list of TLS protocols to be used, in order of precedence. Each specified protocol is preceded by one of the following
operators:
- !
- Exclude. Permanently exclude the protocol and ignore any subsequent attempt to add the protocol back in.
- +
- Add. Add the protocol to the existing collection.
- -
- Delete. Delete the protocol from the existing collection.
For example, to only use TLS1.1 and TLS1.2, type
-ALL+TLS1.1+TLS1.2
Note: The
Protocols field now supports TLS1.3.
- Cipher Suites
- Specifies the priority of cipher suites to be used. The cipher suite priority is formed using a combination of keywords and
keyword modifiers for a space-separated string:
- !
- Exclude. Permanently exclude the cipher suite and ignore any subsequent attempt to add the cipher suite back in.
- +
- Add. Add the cipher suite to the end of the collection. * - - Delete. Delete the cipher suite from the existing collection.
By default, the following cipher suite list is used:
kEECDH+ECDSA kEECDH kEDH HIGH MEDIUM +3DES +SHA !RC4 !aNULL !eNULL !LOW !MD5 !EXP
- TLS1.3 Cipher Suites
- The list of cipher suites to be used with TLS1.3 separated by a colon ':'. For example:
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
- Diffie-Hellman Minimum Group Size
- Specifies the size in bits of the modulus length of the Diffie-Hellman group.Note: Micro Focus recommends a minimum modulus
size of 2048 bits.
- Key Exchange Cipher Groups
- Key Exchange Cipher Groups - The key exchange cipher groups to be used, separated by semicolons ';'. For example:
secp521r1;secp384r1;prime256v1;secp256k1;secp224r1;secp224k1;prime192v1
- TLS1.3 Middlebox Compatibility
- Enables workaround for TLS1.3 on networks with incompatible middleboxes, for example, routers and firewalls. Disabling this
can improve performance on compatible networks but might result in dropped connections otherwise.
- Conversation Type
- Specifies the conversation types that the listener supports:
- WebServices and J2EE
- For client requests that use either of the conversation protocols supported by the Micro Focus request handlers, MFRHBINP
and MFRHSOAP.
- Web
- For World Wide Web (HTTP) requests; Enterprise Server uses a Web listener for service deployment.
- Fileshare
- For Fileshare client requests.
- TN3270
- For requests from TN3270 terminals.
- MSS Inter-System Communication
- For CICS Intersystem Communication (peer-to-peer) and for requests for CICS transactions from non-CICS programs. This conversation
type handles both inbound and outbound calls. Only one listener of this type can be used with an enterprise server. The corresponding
conversation type in previous Enterprise Server software releases is Micro Focus MTO Inter-System Communication.
Note: This conversation type uses
Legacy Micro Focus Application Format.
- MSS Inter-System Communication (inbound only)
- For CICS Intersystem Communication (peer-to-peer) and for requests for CICS transactions from non-CICS programs. This conversation
type handles inbound calls only. Only one listener of this type can be used with an enterprise server. The corresponding conversation
type in previous Enterprise Server software releases is Micro Focus MTO Inter-System Communication.
Note: This conversation type uses
Legacy Micro Focus Application Format.
- CICS Transaction Gateway
- This is similar in functionality to the previous two conversation types (MSS Inter-System Communication), except that it does
not use
Legacy Micro Focus Application Format.
- Custom
- This can be used for any other type of requests. You can select whether or not to use
Legacy Micro Focus Application Format.
- DCAS
- Digital Certificate Access Server (DCAS) is a TCP/IP server that enables the generation of temporary user credentials from
X.509 certificates. See
DCAS conversation type for more information.
- RFA
- Remote File Access (RFA) is a feature of
Enterprise Server which provides a set of Web APIs for reading, writing, creating, and deleting ordinary files, COBOL data files, cataloged
datasets, and spool output datasets. See
Remote File Access conversation type for more information.
- Custom Configuration
- Specify optional textual configuration information that determines the start-up and run-time behavior of the listener.
- Description
- Specify an optional text description of the listener, for example, its function and owner.
- Status
- Current status of the listener.
- Requested Status
- Change to request a new status for the listener. When a listener is started on a started region, this can be set to
Stopped to stop the listener on this region.
- Actual Address
- The list of addresses where the listener is listening. This takes the form
protocol:hostname or ip-address:port.