Cannot access LB HTTPS service through TLSv1 after NSX upgrade
book
Article ID: 309104
calendar_today
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
After upgrading the NSX Edge from 6.2.2 to 6.2.3 and later, these symptoms can be seen:
- Clients connectivity fails
- Automation scripts fails with an error similar to:
SSL_connect SYSCALL returned=5.
Environment
VMware NSX for vSphere 6.3.x
VMware NSX for vSphere 6.4.x
VMware NSX for vSphere 6.2.x
Cause
This issue occurs because TLSv1 is disabled by default in NSX for vSphere 6.2.3 and later.
Resolution
This is by design.
Starting with NSX for vSphere 6.2.3 and later versions, TLSv1 has been disabled by default as part of NSX for vSphere security enhancements.
To enable TLSv1, it is needed to add an application rule enable tlsv1 and associate it with virtual server manually after upgrading.
Feedback
thumb_up
Yes
thumb_down
No