To enable TLS (SSL), add a SUBSYSTEM COMM_PROTOCOL SSL section to ctsrvr.cfg containing your specified TLS configuration options.
Supported options
SERVER_CERTIFICATE_FILE - provide the name of the PEM-encoded certificate file that contains the FairCom DB server certificate.
SERVER_PRIVATE_KEY_FILE - indicate the name of the file containing the private key.
SERVER_ENCRYPTED_STORE_FILE - create an encrypted store file.
SSL_CONNECTIONS_ONLY - allow or deny connections that use SSL to connect to the FairCom DB Server.
SSL_CIPHERS - set the encryption ciphers that are allowed to be used for encrypting the SSL connection.
DEBUG_LOG - write messages to the specified <log file>.
VERIFY_CLIENT_CERTIFICATE - require the client to supply an X.509 certificate or not.
X509_AUTHENTICATION - enable or disable using an X.509 certificate at logon for authentication and database authorization