Disable TLS 1.0 on the SDDC Manager Controller virtual machine in VMware Cloud Foundation 2.2 and later
Article ID: 316770

Products

VMware Cloud Foundation

Issue/Introduction

This article provides instructions for disabling TLS 1.0 on the SDDC Manager Controller virtual machine in VMware Cloud Foundation 2.2 and later.

Resolution

To disable TLS 1.0 on the SDDC Manager Controller virtual machine:

Note: Before you begin, take a snapshot of the SDDC Manager Controller virtual machine.
  1. SSH to the SDDC Manager Controller virtual machine as the root user.
  2. Make a copy of the /home/vrack/vrm/conf/server.xml file:
     cp /home/vrack/vrm/conf/server.xml /tmp/
  3. Issue the following command to remove the reference to TLS 1.0 from the /home/vrack/vrm/conf/server.xml file:
     sed -i 's/TLSv1,//g' /home/vrack/vrm/conf/server.xml
  4. Restart the SDDC Manager web server:
     systemctl restart vcfmanager

Note: To verify that TLS 1.0 is disabled, run the following command:

openssl s_client -connect 192.168.100.40:8443 -tls1

A message similar to the following should be returned:

139640943437464:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:365:
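
An added example, not part of the original article: a bash rehearsal of the sed substitution above on a constructed connector line, showing that the pattern removes TLSv1 only when a comma follows it. The sslEnabledProtocols attribute layout, the sample line and all function names are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the KB article): rehearse the sed edit on a
# constructed file before touching the real server.xml.

# Exit 0 if the file still lists a bare "TLSv1" token (TLS 1.0);
# "TLSv1.1" and "TLSv1.2" do not match because a dot follows "TLSv1".
has_tls10() {
    grep -Eq 'TLSv1([^.0-9]|$)' "$1"
}

# Same substitution expression as the article, written to a temp file and
# moved into place so it behaves the same on any sed implementation.
apply_kb_edit() {
    sed 's/TLSv1,//g' "$1" > "$1.new" && mv "$1.new" "$1"
}

# Constructed sample: one Tomcat-style connector line. The attribute name
# is an assumption about how server.xml lists its protocols.
make_sample() {
    printf '<Connector port="8443" sslEnabledProtocols="%s" />\n' "$1" > "$2"
}

# Build a sample with the given protocol list, apply the edit, and report
# whether TLS 1.0 is still listed afterwards.
rehearse() {
    local tmp result
    tmp=$(mktemp)
    make_sample "$1" "$tmp"
    apply_kb_edit "$tmp"
    if has_tls10 "$tmp"; then result="still-listed"; else result="removed"; fi
    rm -f "$tmp"
    echo "$result"
}

rehearse 'TLSv1,TLSv1.1,TLSv1.2'   # TLSv1 first, a comma follows it
rehearse 'TLSv1.1,TLSv1.2,TLSv1'   # TLSv1 last, no trailing comma
```

On the appliance, has_tls10 /home/vrack/vrm/conf/server.xml can be run after the edit and before the restart, alongside a diff against the /tmp/server.xml copy; it matches any bare TLSv1 token in the file, including ones inside comments.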


Additional Information