The UnForm http object is used in applications that work with an http-based API. In some cases, those applications require high levels of security. To accommodate this, you can set TCP options that are used when any http connection is established. The specific available options vary based on your version of OpenSSL and the version of UnForm, which bundles a runtime engine of a certain level. In general, the more up to date UnForm is, the more options are available to it.
Dynamic Options
Options can be specified in the http object instance, in the tcpoptions$ property of the instance before a connection is made, as documented here:
https://unform.com/unform10.1/documentation/obj_http.htm
Default Options
In uf100d.ini or uf101d.ini [defaults] section, set the http_opts=string. This establishes the default options when the object is instantiated. Here is an example of settings based on requirements imposed by Infor CloudSuite API's:
http_opts=TLS1.2;CIPHERS=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384
This enforces TLS 1.2, and restricts ciphers to those named in CIPHERS=.
Further Documentation
Cipher names are documented by OpenSSL:
https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
More details about the http_opts options available are found in the runtime engine documentation:
https://manual.pvxplus.com/PXPLUS/command_tags/tcp.htm
Many options became available at certain versions of the runtime. For reference, these are the versions included with UnForm:
UnForm 9.0: PxPlus11.0
UnForm 10.0: PxPlus 2016
UnForm 10.1: PxPlus 2021