Disable older TLS/SSL cipher suites in Aria Suite Lifecycle 8.x
search cancel

Disable older TLS/SSL cipher suites in Aria Suite Lifecycle 8.x

book

Article ID: 379746

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Instructions on how to disable older TLS/SSL cipher suites in Aria Suite Lifecycle 8.x

Environment

VMware Aria Suite Lifecycle 8.x

Resolution

  1. Snapshots are required of the VMware Aria Suite Lifecycle appliance before following the steps below, reference:  Managing snapshots in vSphere Web Client 

  2. Stop the nginx.service with the following command:

    systemctl stop nginx.service

  3. Open the Nginx SSL configuration file located at /etc/nginx/ssl.conf with a text editor.

  4. Replace the line:

    ssl_ciphers !aNULL:ECDHE+AES;

    with the following:

    ssl_ciphers !aNULL:ECDHE+AES:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES256-SHA384;

  5. Start the nginx.service again with the following:

    systemctl start nginx.service
Powered by Wolken Software