Overview
It is just to centralize the configuration method of security protocols like TLS or SSL in all VMware appliances. VMware did a good job in documenting this process and I am just putting all in one view. I will add the product in the list if I feel that it needs to be here.
For vCenter Server -
To check :
1. Connect with vCenter server appliance with SSH with its management IP address
2. Run below command#
#cd /usr/lib/vmware-vSphereTlsReconfigurator/VcTlsReconfigurator/
#./reconfigureVC scan
Below is the sample output : TLS Version is TLSv1.2. It means that TLSv1.2 is enabled and any other version is disabled.
To update in vCenter version 6.5 and 6.7:
Managing TLS protocol configuration for vSphere 6.5/6.7 (2147469) (vmware.com)
To update in vCenter version 7.x
Enable or Disable TLS Versions on vCenter Server Systems (vmware.com)
For vCD or VMware Cloud Director
To check :
1. Login vCD or cloud director appliance
2. Run below command#
#cd /opt/vmware/vcloud-director/bin
#./cell-management-tool ssl -protocols -l
Below is the sample output :
To update:
Note : It need downtime and need to update on each cell individually. So please shutdown the vCD services first before doing this. Follow this article for this vCD | Upgrade from version 9.5 to 10.1.2 ~ My vCloud Notes (vcnotes.in)
#./cell-management-tool ssl-protocols -d SSLv3,SSLv2Hello
Follow this VMware article to update
For vRealize Automation
To check and update, just follow this article
0 Comments:
Post a Comment