To improve security we added new driver settings for the SOAP driver. In this blog you can read more about what these settings do and how you can improve the security of your environments. As a system administrator you can use the
min_tls_version and the
cipher_suite settings to set the minimum required protocol and cipher for the network connection. This means that the server cannot downgrade to a non-secure TLS version or cipher during a connection negotiation.
The new settings are:
When not set, the system will default to version 1.2.
<ciphers> = the list of ciphers to use for the connection to the HTTPS proxy. The list consists of one or more cipher strings separated by colons. Comma separators are allowed but colons are normally used. The cipher_list also supports options like, DEFAULT, ALL, LOW, MEDIUM and HIGH. See the Uniface documentation for details.
In the ASN file
You can add the new settings in the drivers section of your ASN file:
USYS$SOP_PARAMS cto =
If you're using 4GL, you can overwrite the driver setting by using the
The ProcScript overrides the ASN settings at runtime.
If you have any comments or questions, feel free to start a discussion in the Uniface forums.
Here are some useful links to documentation on the mentioned options: