ESXi upgrade operation will trigger a VOB stating "Upgrade detected a weak crypto protocol (MD5)"
Article ID: 320252
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
- An Esxi having MD5 authentication in snmp config, is upgraded to the current release, MD5 config will be removed and any user configured with MD5 authentication will no longer work.
- As an upgrade operation, a VOB will be triggered stating :
[vob.user.user.weak.ssl.protocol] Upgrade detected a weak crypto protocol (MD5) and removed it.
Environment
VMware vCenter Server Appliance 6.7.x
VMware vCenter Server 7.0.x
VMware vCenter Server Appliance 6.5.x
VMware vCenter Server 7.0.x
VMware vCenter Server Appliance 6.5.x
Cause
If ESXi has v3 users with MD5 as the authentication protocol. It will no longer respond to SNMP queries after upgrade to the latest. MD5 is considered as a weak protocol and is no longer supported.
Resolution
To resolve this issue regenerate v3 users with the different crypto protocol.
Additional Information
Impact/Risks:
Failure to use strong SSL protocols could lead to security breaches and loss of service.
Failure to use strong SSL protocols could lead to security breaches and loss of service.
Feedback
Yes
No
Powered by
