Configure or enable/disable TLS on ESXi server

  •  Login to vCenter server Appliance using root credential.
  • Go to path: /usr/lib/vmware-TlsReconfigurator/EsxTlsReconfigurator
  • To Enable TLS 1.2 only to all ESXI hosts under a cluster:

       ./reconfigureEsx vCenterCluster -c <Cluster_Name> -u <Administrative_User> -p TLSv1.2

        :Vcenter server user name for ex:administrator@vsphere.local

  • To Enable TLS 1.1,1.2 only to a specific host under the vCenter server:

    ./reconfigureEsx vCenterCluster -h <ESXI_host_Name> -u <Administrative_User> -p TLSv1.1                 TLSv1.2

     :Vcenter server user name for ex:administrator@vsphere.local

  • Reboot ESXI host to commit the protocol change.
  • verify the TLS enabled version  
        [root@R:~] openssl ciphers -v | awk '{print $2}' | sort | uniq
        SSLv3
        TLSv1.2
        [root@R:~]

 


        No comments:

        Post a Comment

        Selenium firefox driver session fails with : Could not start a new session. Response code 500. Message: Expected browser binary location, but unable to find binary in default location,

         Error: With Firefox driver /gecko driver Could not start a new session. Response code 500. Message: Expected browser binary location, but u...