To configure an ELF-enabled TN3270 listener channel from the UI

Note: This is a technology preview feature only. It is being made available to allow you to test and provide feedback on this new capability; however, this feature is not intended for production use and it is not supported as such.
  1. Make a backup copy of the seelistener.exe.config file, located by default in %ProgramFiles(x86)%\Micro Focus\Enterprise Server \binAnyCPU\SEE :
  2. Start the Enterprise Server for .NET UI. If you need instructions, see To start Enterprise Server for .NET Administration.
  3. In the Tree pane, expand SEE Administration > Configuration Editors, and then select Listener.

    The Listener Configuration Editor opens in the Results pane.

  4. If the seelistener.exe.config file is not already open in the Listener Configuration Editor, select File > Open, and navigate to and double-click the seelistener.exe.config file.
  5. Expand Regions > region-name, and then select TN3270.
    Note: For the ATO patch update, we recommend that you use the provided ESDEMO enterprise server for .NET region.
  6. Set the following options to configure SSL client authentication and enable ELF. For a complete description of each option and value, see Listener Configuration Editor - TN3270 Options:
    Option Values

    Certificate type

    None
    Default. No specified certificate storage type.
    File
    Store certificates in a file. When specified, you must supply values for the File certificate passphrase and File certificate path options.
    Store
    Store certificates in a Windows store. When specified, you must supply values for the Store certificate name and Store certificate store options.

    Client auth: Certificate requirement

    Allowed
    Default. Client certificates are allowed but not requested.
    Requested
    Client certificates are requested but not required.
    Required
    Client certificates are required.

    Client auth: Check revocation

    Check for client certificate revocation. Set to True or False (default).

    Client auth: Check usage

    Check client certificate key-usage permissions. Set to True (default) or False.

    Client auth: Enable ELF

    True

    Client auth: Match hostname

    True

    ELF: APPLID template

    Specify the APPLID to be passed in the DCAS request. Default is blank, meaning that the APPLID is an arbitrary value supplied by the client, or, if the client does not supply an APPLID, the value is the region name.

    ELF: DCAS userid

    Specifies a name value for a user ID known to the region, such as SYSAD. This name is used to invoke the DCAS system transaction. Default is blank, meaning the DCAS request executes under the default CICS user ID.

  7. Click File > Save.