ARC: on Windows 2012 R2 machine, Could not create SSL/TLS secure channel to download telegraf-utils.ps1

Article ID: 394912

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

On a Windows Server 2012 R2 endpoint, after running the command that ignores the ServerCertificateValidationCallback, attempts to download telegraf-utils.ps1 with wget or Invoke-WebRequest fail with the following error message:

    PS C:\> Invoke-WebRequest https://#.#.#.#/downloads/salt/telegraf-utils.ps1
    Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.
    At line:1 char:1
    + Invoke-WebRequest https://#.#.#.#/downloads/salt/telegraf-utils. ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
        + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Environment

VCF Operations 9.0.0

Cause

VCF Operations does not include the 'ECDHE-RSA-AES128-SHA' cipher suite in the existing list for the httpd-south config because it is on the list of non-recommended cipher suites.

Resolution

If you want to make ARC work on Windows 2012, the old cipher suite 'ECDHE-RSA-AES128-SHA' needs to be added to the httpd-south config. Steps to modify the cipher suite in the httpd-south config on the Cloud Proxy:

  1. Log in to the Cloud Proxy as the root user
  2. Open the configuration file with the command: vi /usr/lib/vmware-vrops-cprc/etc/httpd-south/httpd.conf
  3. Search for SSLCipherSuite within the httpd-south config file
  4. Comment out the existing SSLCipherSuite entry by adding a # character at the beginning of the line
  5. Add a new SSLCipherSuite entry that includes 'ECDHE-RSA-AES128-SHA', as shown below:

    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-SHA

  6. Restart httpd-south service with command:  systemctl restart httpd-south.service
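Steps 3 to 5 can also be applied as a scripted edit that keeps a backup and is safe to re-run. This is an added example, not VMware's own tooling; the function names `has_legacy_cipher` and `apply_cipher_change` are hypothetical, and the cipher list is the one shown in step 5.

```shell
#!/bin/sh
# Added example: scripted form of steps 3-5 for an httpd.conf passed as $1.
# NEW_SUITES is the SSLCipherSuite value shown in step 5 of the article.
NEW_SUITES='ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-SHA'
LEGACY='ECDHE-RSA-AES128-SHA'

# Succeeds if an active (uncommented) SSLCipherSuite line lists the legacy
# suite as a whole token, so ECDHE-RSA-AES128-SHA256 does not count.
has_legacy_cipher() {
    grep -Eq "^[[:space:]]*SSLCipherSuite[[:space:]](.*[[:space:]:])?${LEGACY}([[:space:]:]|\$)" "$1"
}

# Comments out each active SSLCipherSuite line and writes the new entry
# directly below it. Returns 0 on success or when already applied.
apply_cipher_change() {
    conf=$1
    [ -f "$conf" ] || return 2                  # config file not found
    has_legacy_cipher "$conf" && return 0       # nothing to do on a re-run
    grep -Eq '^[[:space:]]*SSLCipherSuite[[:space:]]' "$conf" || return 3
    cp -p "$conf" "$conf.bak" || return 4       # keep the original for rollback
    awk -v new="SSLCipherSuite $NEW_SUITES" '
        /^[ \t]*SSLCipherSuite[ \t]/ { print "#" $0; print new; next }
        { print }
    ' "$conf.bak" > "$conf"
}

# When run with a path argument, apply the change to that file.
if [ "$#" -gt 0 ]; then
    apply_cipher_change "$1"
fi
```

The original file is kept as `httpd.conf.bak` next to the edited one; the restart in step 6 is still required for the change to take effect.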