VMware Authentication Proxy uses IIS for hosting services, where insecure protocols like SSLv3 are used to maintain connections with the clients (ESXi host).
This article contains steps to disable SSLv3 and enable secure protocols like TLS 1.1 and TLS 1.2.
The SChannel registry configuration is used to disable SSL 3.0, and weak ciphers on IIS.
Follow the steps below to disable the insecure protocols used by IIS:
To enable protocols such as TLS 1.1 and TLS 1.2, follow the steps listed above to create Client and Server keys under the required protocols. Under the Client and Server keys, add the DWORD (32-bit) values for DisabledByDefault and Enabled as 0 and 1 respectively as shown in the example below.
For more information on disabling other protocols and cipher suites, see Ciphers.