To manually configure a TN3270 listener channel for ELF

Note: This is a technology preview feature only. It is being made available to allow you to test and provide feedback on this new capability; however, this feature is not intended for production use and it is not supported as such.
  1. Make a backup copy of the seelistener.exe.config file, located by default in %ProgramFiles(x86)%\Micro Focus\Enterprise Server \binAnyCPU\SEE
  2. Open seelistener.exe.config in a text editor running as administrator.
  3. Find the following code:
    <channel name="TN3270" protocol="tn3270" port="9023" enabled="yes" />

    The <channel> element uses shorthand notation with no closing tag.

  4. Change the <channel> notation code to use a closing tag. This is required to enable you to add a child element. For example:
    <channel name="TN3270" protocol="tn3270" port="9023" enabled="yes">
    </channel>
  5. Add a set of <ssl> element tags as a child element of <channel> as follows:
    <channel name="TN3270" protocol="tn3270" port="9023" enabled="yes">
    <ssl></ssl>
    </channel>
  6. Between the <ssl> element tags, add the <clientAuth> child element using full notation, specifying one option for each attribute as follows (default settings in bold):
    <clientAuth 
       certificateOption="{Allowed|Requested|Required}" 
       checkRevocation="{True|False}" 
       matchHostname="{True|False}" 
       checkUsage="{True|False}"></clientAuth>
    Note: Some TN3270 clients send a client certificate only when the certificateOption attribute is set to Requested or Required.
  7. Add the <elf> element as a child element of <clientAuth> as follows:
    <elf applidTemplate="format-string" dcasUserID="name" />

    For information on valid values for the applidTemplate and dcasUserID attributes, see the Listener Channel Configuration - XML Reference topic.

  8. Save the seelistener.exe.config file.

Example

The following is an example excerpt from seelistener.exe.config of a channel configuration with SSL client authorization enabled, ELF enabled, and DCAS communications enabled:

          <channel name="TN3270ELF" port="9523" protocol="TN3270">
            <ssl>
              <certificate
                file="c:/path/to/seelistener.pfx"
                passphrase="Secret certificate passphrase"/>
              <clientAuth
                certificateOption="Required"
                checkRevocation="False"
                matchHostname="False"
                checkUsage="False">
                <elf applidTemplate="{0}-{1}" dcasUserID="SYSAD" />
              </clientAuth>
            </ssl>
          </channel>