To configure TLS default properties for listeners

You can configure default values for various TLS properties in the mf-server.dat file. When a TLS-enabled listener is started, the file is checked for default values. If the listener does not specify a value for a property, the value from the file is used instead.

Note: Not all properties in the mf-server.dat file overwrite the value set for a listener. Some properties can only be set in the mf-server.dat file, and not by the listener.

The mf-server.dat file is located in the $COBDIR\bin or \bin64 directory (Windows), or $COBDIR/bin folder (UNIX).

See Specifying a Server Protocol and Cipher Suite Preference for more information.

[TLS]
; The separator used for passwords if multiple certificates are specified
;password separator=

; The TLS protocols field specifies the list of protocols to be used and 
; the order of preference in which they are to be used
;protocols=

; The Cipher Suites field specifies the list of ciphers to be used in 
; order of preference of use.
;cipher suites=

; The TLS 1.3 specific cipher suites list
;TLS1.3 cipher suites=

; The minimum size in bits of the modulus length of the Diffie-Hellman (DH) group 
; that is used to negotiate with connecting peers when using DH cipher suites. 
;min dh size=

; The Cipher Groups (previously 'ECC curves') enable you to specify the list of 
; ciphers to be used and the order of preference in which they are to be used.
;cipher groups=

; Set whether the middlebox workaround is disabled. Any setting here overwrites any value
; set in a listener. 
; Values: "disable" or "enable" 
;middlebox workaround=

; Set whether the server enforces all clients to use its cipher list
; Values: "yes"/"1", "no"/"0"
; Any setting here overwrites any value set in a listener. 
;honor server cipher list=