Table of Contents
Advertisement
Configuration
• Reverting TLS changes in an ESXi host is not supported.
Procedure
1. Open an SSH session into the vCenter Server Appliance.
2. Enable Bash shell by typing shell in the command line
3. Type the following command to change to the following directory:
cd /usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator
4. To disable TLSv1.0 and TLS v1.1 and enable TLSv1.2 only on an individual ESXi host,
execute the following command:
./reconfigureEsx vCenterHost -h <ESXi_Host_Name> -u <Administrative_User> -p
TLSv1.2
Once completed, the host will be flagged for a reboot.
Related links
Management of the TLS protocol configuration for vSphere 6.5 U2 Environment
Validating TLS v1.0 and v1.1 disablement on an ESXi Host
About this task
Use the following procedure to validate if TLS v1.0 and v1.1 have been disabled on an ESXi host
Procedure
1. To validate TLS v1.0, disablement do the following:
a. Open an SSH session into the ESXi host.
b. Enable Bash shell by typing shell in the command line.
c. Type the following command to validate if TLS v1.0 has been disabled:
openssl s_client -connect localhost:443 -tls1
Command results should display that there is no certificate and no Master-Key
assigned. See example below
October 2019
Installing the Avaya Converged Platform 130 Series
Comments on this document? infodev@avaya.com
on page 52
56
Hide quick links:
Advertisement
Table of Contents
