The DataServer broker or an MSS DataServer instance of the Unified Broker on a host machine determines the protocol requirements of the clients that connect to server components started by the broker on behalf of a connecting client. A distributed ProBroker or Unified Broker environment can accepts a -sslstartup or command line argument on the host machine to indicate that the types of client requests that the spawned DataServer can handle should be using TLS protocol over the network.
Note: TLS-related settings such as keyalias, keyaliaspasswd, and ssl configured for ProBroker are automatically passed to the DataServer server process. Whereas, as with all other startup parameters, you must specify the ‑ssl parameter in srvrStartupParam within the UBroker.MS.<broker_name> section of ubroker.properties for it to be passed to the agent process of the Unified Broker.
Example
srvrStartupParam=-svub -S X -N TCP -U X -P X -hs 0 -s 40 -ssl 
-keyalias <your_key_alias> -keyaliaspasswd <your_key_password>

OpenEdge DataServer client should only send TLS enabled requests over the network. A -ssl start-up parameter is also accepted by the client to instantiate an TLS connection with the server component. If an OpenEdge DataServer client is started without a -ssl startup parameter and it sends a connection request to a running broker in TLS mode, the broker fails to authenticate the client connection request. However, a message is then returned internally to the client requesting it to send a TLS enabled handshake. If the client is capable of sending a TLS request, the TLS connection is automatically established without specifying the client startup parameter.

Comparison between Unified Broker and ProBroker

The following table lists the differences between Unified Broker and ProBroker:
Feature Unified Broker ProBroker
Management Managed through the OpenEdge AdminServer, which provides centralized control and integration with other services. Runs as a standalone process and does not require AdminServer to function.
Startup Can be started either through the msssman command line utility or through OpenEdge Management (OEM). Starts manually from the command line using the _probrkr executable.
TLS Configuration To enable TLS, you set the sslenable=1 property in the Unified Broker configuration, which starts the broker itself in SSL mode. However, if you also want the DataServer server process to run in SSL mode, you need to configure the srvrStartupParam property with -ssl and include the appropriate SSL startup parameters TLS is enabled by passing the necessary TLS parameters, such as -ssl, directly at startup.