This issue is resolved in a future release of Cloud Director.
To be alerted when this article is updated, click Subscribe.
To resolve the issue without upgrading, follow the actions below:
- To check the SSL cipher enabled on each cell run the cell-management-tool as below:
/opt/vmware/vcloud-director/bin/cell-management-tool ciphers -l
- To confirm the SSL ciphers configuration on each cell,it is possible to check the /opt/vmware/vcloud-director/etc/global.properties file.
For example: ssl.ciphers.disallowed = TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
- Factory default ciphers are:
* TLS_AES_256_GCM_SHA384
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
The ciphers can be reset to the factory default settings on each cell by running the cell-management-tool as below:
/opt/vmware/vcloud-director/bin/cell-management-tool ciphers -r