The purpose of this article is to enable correctly changing the TLS version of ESXi hosts in reconfigureEsx command.
Symptoms:
- ReconfigureEsx command fails with the error:
In vCenter Server Appliance:
[ /usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator ]# ./reconfigureEsx vCenterHost -h <ESXi_Host_Name> -u <Administrative_User> -p TLSv1.1 TLSv1.2
ESXi Transport Layer Security reconfigurator, version=6.x.x, build=xxxxxxx
For more information refer to the following article: https://kb.vmware.com/kb/2148819
Log file: "/var/log/vmware/vSphere-TlsReconfigurator/EsxTlsReconfigurator.log".
Connecting to vCenter Server at: "localhost".
Password:
[SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:661)
In Windows:
C:\Program Files\VMware\CIS\vSphereTlsReconfigurator\EsxTlsReconfigurator> reconfigureEsx vCenterHost -h <ESXi_Host_Name> -u <Administrative_User> -p TLSv1.1 TLSv1.2
ESXi Transport Layer Security reconfigurator, version=6.x.x, build=xxxxxxx
For more information refer to the following article: https://kb.vmware.com/kb/2148819
Log file: "C:\ProgramData\VMware\vCenterServer\logs\vmware\vSphere-TlsReconfigurator\EsxTlsReconfigurator.log".
Connecting to vCenter Server at: "localhost".
Password:
[SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:661)