By default VRLCM 2.x has the TLS 1.0 disabled and TLS 1.1 and TLS 1.2 enabled . For security concerns customers looking for disabling TLS 1.1 and this blog helps in steps to perform the same.
Steps by step process to perform the same.
- Take a backup of the file java.security
cp /usr/java/jre-vmware/lib/security/java.security /usr/java/jre-vmware/lib/security/java.security.bak2Open the file.
2. Open the file.
vi /usr/java/jre-vmware/lib/security/java.security
3. Search for “jdk.tls.disabledAlgorithms” and you may find a line similar to:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, RC4, MD5withRSA, DH keySize < 1024,
4.Add TLSv1.1 from the above line.
jdk.tls.disabledAlgorithms= SSLv2, SSLv3, TLSv1, TLSv1.1, RC4, MD5withRSA, DH keySize < 768, EC keySize < 224
5.Save and close the file. (:wq!)
6.Restart the services using the commands:
systemctl restart vlcm-xserver
systemctl restart vlcm-server
Virtual SDDC 