How to disable TLS 1.0 on the SDDC Manager Controller virtual machine in VMware Cloud Foundation 2.2 and later


Article ID: 316770


Products

VMware Cloud Foundation

Issue/Introduction

This article provides instructions for disabling TLS 1.0 on the SDDC Manager Controller virtual machine in VMware Cloud Foundation 2.2 and later.

Resolution

To disable TLS 1.0 on the SDDC Manager Controller virtual machine:

Note: Before you begin, take a snapshot of the SDDC Manager Controller virtual machine.

  1. SSH to the SDDC Manager Controller virtual machine as the root user.
  2. Make a copy of the /home/vrack/vrm/conf/server.xml file:

     cp /home/vrack/vrm/conf/server.xml /tmp/

  3. Issue the following command to remove the reference to TLS 1.0 from the /home/vrack/vrm/conf/server.xml file:

     sed -i 's/TLSv1,//g' /home/vrack/vrm/conf/server.xml

  4. Restart the SDDC Manager web server:

     systemctl restart vcfmanager

Note: To verify that TLS 1.0 is disabled, run:

openssl s_client -connect 192.168.100.40:8443 -tls1

A message similar to the following should be returned:

139640943437464:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:365:
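
The sed substitution from the procedure above only matches `TLSv1` when it is immediately followed by a comma. The following added example (not part of the original article) dry-runs the same expression on a temporary copy and reports whether a bare `TLSv1` entry would remain. The sample connector lines, the `sslEnabledProtocols` attribute shown in them, and the function names are assumptions made for illustration; check the actual contents of server.xml on the appliance.

```shell
#!/bin/sh
# Added example: dry-run the article's sed expression on a copy of a file.
# Sample content below is constructed; the real server.xml layout may differ.

# Succeeds if a bare "TLSv1" token (not TLSv1.1/TLSv1.2) appears in file $1.
tls10_listed() {
    grep -Eq 'TLSv1([^.0-9]|$)' "$1"
}

# Applies the substitution to a temporary copy of $1, never to $1 itself.
# Prints: absent | removed | still-listed
dry_run_disable_tls10() {
    src=$1
    if ! tls10_listed "$src"; then
        echo absent
        return 0
    fi
    work=$(mktemp) || return 2
    sed 's/TLSv1,//g' "$src" > "$work"
    if tls10_listed "$work"; then
        result=still-listed
    else
        result=removed
    fi
    rm -f "$work"
    echo "$result"
}

# Constructed samples: TLSv1 first in the list, then TLSv1 last (no trailing comma).
demo=$(mktemp)
for protocols in 'TLSv1,TLSv1.1,TLSv1.2' 'TLSv1.1,TLSv1.2,TLSv1'; do
    printf '<Connector port="8443" sslEnabledProtocols="%s"/>\n' "$protocols" > "$demo"
    echo "$protocols -> $(dry_run_disable_tls10 "$demo")"
done
rm -f "$demo"
```

A result of `still-listed` means the expression did not match the way the file lists TLSv1, so the entry has to be removed by hand before restarting vcfmanager and repeating the openssl check.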


Additional Information

Status of TLSv1.1/1.2 Enablement and TLSv1.0 Disablement across VMware products
Managing TLS protocol configuration for vSphere 6.5 
How to disable TLS v1.0 in vRealize Log Insight