The UnForm http object is used in applications that work with an http-based API.  In some cases, those applications require high levels of security.  To accommodate this, you can set TCP options that are used when any http connection is established.  The specific available options vary based on your version of OpenSSL and the version of UnForm, which bundles a runtime engine of a certain level.  In general, the more up to date UnForm is, the more options are available to it.


Dynamic Options

Options can be specified in the http object instance, in the tcpoptions$ property of the instance before a connection is made, as documented here:


https://unform.com/unform10.1/documentation/obj_http.htm


Default Options


In uf100d.ini or uf101d.ini [defaults] section, set the http_opts=string.  This establishes the default options when the object is instantiated.  Here is an example of settings based on requirements imposed by Infor CloudSuite API's:

 

http_opts=TLS1.2;CIPHERS=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384


This enforces TLS 1.2, and restricts ciphers to those named in CIPHERS=.  


Further Documentation


Cipher names are documented by OpenSSL:


https://www.openssl.org/docs/man1.1.1/man1/ciphers.html


More details about the http_opts options available are found in the runtime engine documentation:


https://manual.pvxplus.com/PXPLUS/command_tags/tcp.htm


Many options became available at certain versions of the runtime.  For reference, these are the versions included with UnForm:


UnForm 9.0:  PxPlus11.0

UnForm 10.0: PxPlus 2016

UnForm 10.1: PxPlus 2021