You can configure the pass phrases that a listener requires in the mf-server.dat file. When you start the listener, it retrieves the passphrases from the file, and you do not need to configure them manually.
The mf-server.dat file is in the $COBDIR/etc directory by default.
[Listener-name/SSL/passphrases] certificate=certificate passphrase keyfile=keyfile passphrasewhere:
The pass phrases appear in plain text in the mf-server.dat file. For security purposes, you should make this file readable only by the user account (or accounts) under which the enterprise server is started. That would normally be the account under which Micro Focus Directory Server (MFDS) runs (typically LOCAL_SYSTEM) and the accounts of any users who run casstart from the command line.