You can configure default values for various TLS properties in the mf-client.dat file. When a TLS-enabled MFCC client is started, the file is checked for default values. If the client does not specify a value for a property, the value from the file is used instead.
By default, the mf-client.dat file is located in the \bin or \bin64 directory (Windows), or $COBDIR/bin folder (UNIX). The MFC_CONFIG environment variable can be used to specify a different configuration file.
See Specifying a Server Protocol and Cipher Suite Preference chapter for more information.
[TLS] ; Set the depth to which the certificate chain of the peer should be verified ; If a connection does not specify a verify depth (or attempts to set a depth of 0) ; this value will overwrite it ;verify depth=5 ; Flag for whether the client should verify the server's certificate ; If a connection does not specify this flag/sets it to 0, this value will be used ;verify peer=0 ; The TLS protocols field specifies the list of protocols to be used and ; the order of preference in which they are to be used ;protocols= ; The Cipher Suites field specifies the list of ciphers to be used in ; order of preference of use. ;cipher suites= ; The TLS 1.3 specific cipher suites list ;TLS1.3 cipher suites= ; The minimum size in bits of the modulus length of the Diffie-Hellman (DH) group ; that is used to negotiate with connecting peers when using DH cipher suites. ;min dh size= ; The Cipher Groups (previously 'ECC curves') enable you to specify the list of ; ciphers to be used and the order of preference ;cipher groups= ; Set whether the middlebox workaround is disabled. Any setting here overwrites any value ; set on a client. ; Values: "disable" or "enable" ;middlebox workaround=