When enabling TLS you will typically need to configure the names and locations of files containing one or more certificates and sometimes private keys. See Certificate Files, Certificate and Key Formats, and PKCS #12 file for more information on types of certificate and key files.
The names of these files are specified in various places, such as in the configurations of enterprise server listeners in ESCWA and in the mf-client.dat file. Where a filename for a certificate or key file is required, you can use either a full name including the absolute path to the file, or a bare filename.
If a bare filename is specified, MFCC and MFCS use the following steps to try to locate the file:
Earlier product versions would sometimes log a message indicating a failure in GkGetSSLDir. As of Visual COBOL 9.0 this function does not fail if the certificate and key file directory has not been configured, as it will return the root directory as a last resort, so that message is no longer generated.