Search the VMware Knowledge Base (KB)
View by Article ID

Disabling SSLv3 on vCenter Single Sign-On port 7444 (2131310)

  • 1 Ratings

Details

This article provides information on disabling SSLv3 on the vCenter Single Sign-On port 7444.
 
Note: When you upgrade to vCenter Server 6.0 Update 1, the SSLv3 protocol is enabled on the vCenter Single Sign-On port 7444 by default.

Solution

 Note: Perform these steps after the upgrade to vCenter Server 6.0 Update 1 is completed on the Platform Service Controller (PSC) machine and all the nodes that are registered to the PSC.
 
To disable SSLv3 on the vCenter Single Sign-On port 7444:
  1. Connect to the PSC machine.

  2. Open the server.xml file for the vCenter Single Sign-On.

    - Windows default location: C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\conf\

    - vCenter Server Appliance default location: /usr/lib/vmware-sso/vmware-sts/conf/

  3. Create a backup of the file.

  4. Find this line:

    '<Connector SSLEnabled="true"'

  5. Append this line at the end of the line in step 4.

    'sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"'


    Example:

    '<Connector SSLEnabled="true"''sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"'

  6. Save the file.

  7. Restart the VMware Security Token Service by running these commands:

    service-control --stop vmware-stsd
    service-control --start vmware-stsd

    Alternatively, you can restart the PSC machine.

Additional Information

For translated versions of this article, see:

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 1 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 1 Ratings
Actions
KB: