Standardize HTTPS configuration for all Zowe servers

Open 1000TurquoisePogs opened this issue 2 years ago • 4 comments

The built-in TLS capabilities of each Zowe server vary considerably; they can vary by capability, but also by the ways in which the capabilities are configured.

Consider these scenarios. How would a user configure all of Zowe's servers to:

  • Limit the minimum TLS version used
  • Limit the maximum TLS version used
  • Limit the ciphers used
  • Limit the curves used
  • State which IP/hostname(s) to bind to (including IPv4 vs IPv6)

Documentation may not exist for several servers, and perhaps some do not even support customizing these things. Even if they do support & document how to customize these, there would be different ways for each server because the codebases are not unified with regard to this. There are Java ways to do things, there are Node.js ways to do things, etc.

Solution:

  • Create a standard area within zowe.yaml's "zowe" section which details the defaults for HTTPS settings, such as but not limited to the above cases.
  • Create a standard area within each "component" section of zowe.yaml such that each component could have overrides.
  • Document these in the Zowe schema
  • Enhance our servers to utilize this information when available. Note: configmgr templating could be used to assign already-existing configuration parameters of our servers to these new standards, so that the enhancement could be reduced to configuration default changes rather than code changes, if desired.

1000TurquoisePogs • Mar 30 '23 09:03
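An added example, not part of the original issue or of Zowe's code: one way the proposed "global defaults plus per-component overrides" could be resolved and validated before a server starts. The key names (`https`, `minTls`, `maxTls`, `ciphers`, `curves`, `listenAddresses`) and the component names are hypothetical and are not taken from the Zowe schema; the output option names (`minVersion`, `maxVersion`, `ciphers`, `ecdhCurve`) are the ones Node.js TLS servers accept.

```javascript
// Constructed sample configuration; the key layout is an assumption, not the Zowe schema.
const config = {
  zowe: {
    https: {
      minTls: 'TLSv1.2',
      maxTls: 'TLSv1.3',
      ciphers: ['TLS_AES_256_GCM_SHA384', 'ECDHE-RSA-AES256-GCM-SHA384'],
      curves: ['X25519', 'secp384r1'],
      listenAddresses: ['0.0.0.0']
    }
  },
  components: {
    'example-node-server': { https: { minTls: 'TLSv1.3', listenAddresses: ['::1'] } },
    'example-java-server': {} // no overrides: inherits every default
  }
};

const TLS_ORDER = ['TLSv1', 'TLSv1.1', 'TLSv1.2', 'TLSv1.3'];

// Merge defaults with a component's overrides (an override replaces the whole value),
// then reject combinations that would silently weaken or break the listener.
function effectiveHttps(cfg, component) {
  const defaults = (cfg.zowe && cfg.zowe.https) || {};
  const comp = cfg.components && cfg.components[component];
  if (!comp) throw new Error(`unknown component: ${component}`);
  const merged = { ...defaults, ...(comp.https || {}) };
  const lo = TLS_ORDER.indexOf(merged.minTls);
  const hi = TLS_ORDER.indexOf(merged.maxTls);
  if (lo < 0 || hi < 0) throw new Error(`${component}: unknown TLS version`);
  if (lo > hi) {
    throw new Error(`${component}: minTls ${merged.minTls} exceeds maxTls ${merged.maxTls}`);
  }
  for (const key of ['ciphers', 'curves', 'listenAddresses']) {
    if (!Array.isArray(merged[key]) || merged[key].length === 0) {
      throw new Error(`${component}: ${key} must be a non-empty list`);
    }
  }
  return merged;
}

// Translate the resolved settings into Node.js TLS server options.
function toNodeOptions(h) {
  return {
    minVersion: h.minTls,
    maxVersion: h.maxTls,
    ciphers: h.ciphers.join(':'),
    ecdhCurve: h.curves.join(':')
  };
}
```

Validating after the merge matters because an override that is valid in isolation (for example, lowering only the maximum version) can contradict an inherited default.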

Note an older issue on the subject https://github.com/zowe/zowe-install-packaging/issues/1951

1000TurquoisePogs • Mar 30 '23 09:03

I started some work here https://github.com/zowe/zowe-install-packaging/pull/3356 but would be happy if others picked it up or gave feedback, because it's something I was only working on with spare time at the moment.

1000TurquoisePogs • Mar 31 '23 09:03