Listeners

Use this page to create a new listener.

To create a new listener:

  1. Click * New Listener.
  2. Modify the listener properties as required.
  3. Click Save.

The properties for a listener are:

Name
Specify the unique name of the listener, up to 255 characters in length. You cannot include angle brackets (<>) or ampersands (&) in the name.
Legacy Micro Focus Application Format
Check this if you want the listener to handle non-standard TCP/IP flows, for example, for Fileshare clients.
Protocol
This can be set to tcp or smem for shared memory protocols.
Hostname or IP Address
This can be a single hostname or multiple IP addresses that can be either IPv4 or IPv6.
Note: Specifying 0.0.0.0 binds on all available IPv4 addresses. Specifying :: binds on all available IPv6 addresses. Specifying * binds on all available IPv4 and IPv6 addresses.
port
This must be a valid port or an asterisk * which indicates that the address is dynamically assigned for the listener when it starts.

To add additional addresses, click the + icon . To remove an addresses, click the - icon.

Note: If this network address is not unique in the repository, this might cause listener start-up problems.

For an enterprise server instance, you can create a secure listener to encrypt the communications it handles. To do this, click TLS Settings, this expands the TLS Settings group.

You must specify the following fields:

Enable TLS
Enables Transport Layer Security (TLS) for this communications process.
Certificate File
The location, on disk, of the certificate. If multiple certificates are used, separate the paths with a semicolon ';'.
Keyfile
The location, on disk, of the keyfile. If multiple keyfiles are used, separate the paths with a semicolon ';'.

TLS Advanced Settings

Optionally, click Advanced to expand the advanced group of options:

Client Authentication
Accept all clients
Allow all clients to communicate with the server without being checked for a TLS/SSL certificate.
Request client certificate, and verify if present
Requests the client for a certificate, and to verify the returned certificate. If the client does not return a certificate, communication continues between the client and server. If a certificate is returned and it fails to verify, communication stops.
Note: If you select this, you must specify the CA root certificates file.
Require client certificate, and verify
Always require a client certificate and to verify it. This ensures that the client is trusted. If a certificate is not returned or it cannot be verified, communication between the client and server is stopped.
Note: If you select this, you must specify the CA root certificates file.
Honor Server Cipher List
By default, the TLS Honor Server Cipher List is checked. This forces clients to use the protocols and cipher suites specified in order of their priority.
Protocols
The list of TLS protocols to be used, in order of precedence. Each specified protocol is preceded by one of the following operators:
!
Exclude. Permanently exclude the protocol and ignore any subsequent attempt to add the protocol back in.
+
Add. Add the protocol to the existing collection.
-
Delete. Delete the protocol from the existing collection.
For example, to only use TLS1.1 and TLS1.2, type -ALL+TLS1.1+TLS1.2
Note: The Protocols field now supports TLS1.3.
Cipher Suites
Specifies the priority of cipher suites to be used. The cipher suite priority is formed using a combination of keywords and keyword modifiers for a space-separated string:
!
Exclude. Permanently exclude the cipher suite and ignore any subsequent attempt to add the cipher suite back in.
+
Add. Add the cipher suite to the end of the collection. * - - Delete. Delete the cipher suite from the existing collection.
By default, the following cipher suite list is used:
kEECDH+ECDSA kEECDH kEDH HIGH MEDIUM +3DES +SHA !RC4 !aNULL !eNULL !LOW !MD5 !EXP
		
TLS1.3 Cipher Suites
The list of cipher suites to be used with TLS1.3 separated by a colon ':'. For example:
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
		
Diffie-Hellman Minimum Group Size
Specifies the size in bits of the modulus length of the Diffie-Hellman group.Note: Micro Focus recommends a minimum modulus size of 2048 bits.
Key Exchange Cipher Groups
Key Exchange Cipher Groups - The key exchange cipher groups to be used, separated by semicolons ';'. For example:
secp521r1;secp384r1;prime256v1;secp256k1;secp224r1;secp224k1;prime192v1
TLS1.3 Middlebox Compatibility
Enables workaround for TLS1.3 on networks with incompatible middleboxes, for example, routers and firewalls. Disabling this can improve performance on compatible networks but might result in dropped connections otherwise.
Conversation Type
Specifies the conversation types that the listener supports:
WebServices and J2EE
For client requests that use either of the conversation protocols supported by the Micro Focus request handlers, MFRHBINP and MFRHSOAP.
Web
For World Wide Web (HTTP) requests; Enterprise Server uses a Web listener for service deployment.
Fileshare
For Fileshare client requests.
TN3270
For requests from TN3270 terminals.
MSS Inter-System Communication
For CICS Intersystem Communication (peer-to-peer) and for requests for CICS transactions from non-CICS programs. This conversation type handles both inbound and outbound calls. Only one listener of this type can be used with an enterprise server. The corresponding conversation type in previous Enterprise Server software releases is Micro Focus MTO Inter-System Communication.
Note: This conversation type uses Legacy Micro Focus Application Format.
MSS Inter-System Communication (inbound only)
For CICS Intersystem Communication (peer-to-peer) and for requests for CICS transactions from non-CICS programs. This conversation type handles inbound calls only. Only one listener of this type can be used with an enterprise server. The corresponding conversation type in previous Enterprise Server software releases is Micro Focus MTO Inter-System Communication.
Note: This conversation type uses Legacy Micro Focus Application Format.
CICS Transaction Gateway
This is similar in functionality to the previous two conversation types (MSS Inter-System Communication), except that it does not use Legacy Micro Focus Application Format.
Custom
This can be used for any other type of requests. You can select whether or not to use Legacy Micro Focus Application Format.
DCAS
Digital Certificate Access Server (DCAS) is a TCP/IP server that enables the generation of temporary user credentials from X.509 certificates. See DCAS conversation type for more information.
RFA
Remote File Access (RFA) is a feature of Enterprise Server which provides a set of Web APIs for reading, writing, creating, and deleting ordinary files, COBOL data files, cataloged datasets, and spool output datasets. See Remote File Access conversation type for more information.
Custom Configuration
Specify optional textual configuration information that determines the start-up and run-time behavior of the listener.
Description
Specify an optional text description of the listener, for example, its function and owner.
Status
Current status of the listener.
Requested Status
Change to request a new status for the listener. When a listener is started on a started region, this can be set to Stopped to stop the listener on this region.
Actual Address
The list of addresses where the listener is listening. This takes the form protocol:hostname or ip-address:port.