VMware vRealize Log Insight 3.6 and higher support inbound connections secured with TLS v1.0, v1.1 and v1.2.
TLS v1.0 and v1.1 have known security concerns.
This article provides steps to disable support for TLS v1.0 and/or v1.1 on the Log Insight server.
Some clients, such as web browsers and syslog sources, may be actively communicating with TLS v1.0 or v1.1. Verify all clients can successfully negotiate TLS v1.1 or v1.2 before disabling support for TLS v1.0 and/or v1.1 in Log Insight.
Example: If you run the command against a vRealize Log Insight node with TLS 1.0 and TLS 1.1 disabled, you will get output similar to:
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|     compressors:
|       NULL
|_  least strength: strong
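
The following is an added example, not part of the original article or of VMware's tooling: a small Python parser for ssl-enum-ciphers output like the one shown above, which reports whether a node still offers TLS v1.0 or v1.1 (or SSLv3). The function names and the sample scan text are constructed for illustration.

```python
import re

# Constructed sample: what a node with TLS 1.0 still enabled could look like.
# (Older nmap releases grade ciphers "strong"/"weak"; newer ones use A-F.)
SAMPLE_LEGACY = """\
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|     compressors:
|       NULL
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|     compressors:
|       NULL
|_  least strength: strong
"""

PROTO_RE = re.compile(r"^(SSLv3|TLSv1\.[0-3]):$")
CIPHER_RE = re.compile(r"^((?:TLS|SSL)_\w+)\b.* - (\S+)$")
DEPRECATED = {"SSLv3", "TLSv1.0", "TLSv1.1"}

def parse_ssl_enum_ciphers(text):
    """Return {protocol: [(cipher, grade), ...]} from ssl-enum-ciphers output."""
    result, current = {}, None
    for raw in text.splitlines():
        line = raw.lstrip("|_ \t").rstrip()  # tolerate lost indentation
        m = PROTO_RE.match(line)
        if m:
            current = m.group(1)
            result[current] = []
            continue
        m = CIPHER_RE.match(line)
        if m and current:
            result[current].append((m.group(1), m.group(2)))
    return result

def deprecated_protocols(text):
    """Protocols the server still accepts that should be disabled."""
    return sorted(DEPRECATED.intersection(parse_ssl_enum_ciphers(text)))

if __name__ == "__main__":
    offered = deprecated_protocols(SAMPLE_LEGACY)
    print("still enabled:", ", ".join(offered) or "none")
```

An empty result from deprecated_protocols() means only TLS v1.2 or later was offered on the scanned port; run it against the saved scan output of each node before and after the change.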