Search the VMware Knowledge Base (KB)
View by Article ID

How to enable SSLv3 and TLSv1 for outgoing HTTPS connections manually in vRealize Orchestrator (2144318)

  • 2 Ratings

Details

This article provides information on how to enable SSLv# and TLSv1 for outgoing HTTPS connections in vRealize Orchestrator 6.0.4 and 7.0.x manually.
 
To enable outgoing HTTP connections through the SOAP, HTTP-REST, and Orchestrator Configuration plug-ins to servers that require TLSv1 when using vRealize Orchestrator 6.0.4 and 7.0.x, you must enable SSLv3 and TLSv1 manually. This issue might occur in the SOAP, REST, and Configuration plug-ins in Orchestrator, which use the Import a certificate from URL workflow. If you make connections to servers that require SSLv3 and TLSv1, you might receive a Cannot execute request: ; Connection reset error and you must enable the protocols manually.

Solution

To enable TLSv1, you must change the https.protocols and jdk.tls.client.protocols java properties.

  1. Log in to the Orchestrator Appliance through SSH as root.

    ssh -l root [vco_appliance_ip]

  2. Create a backup of the setenv.sh file located at /var/lib/vco/app-server/bin/setenv.sh.

  3. Edit the setenv.sh file.

    1. Define a variable ENABLED_PROTOCOLS which lists all protocols that you want to enable for outgoing HTTPS connections.

      Example:

      If you want to enable TLSv1, TLSv1.1, and TLSv1.2 , type:

      ENABLED_PROTOCOLS="TLSv1,TLSv1.1,TLSv1.2"

      If you want to enable TLSv1 and TLSv1.2, type:

      ENABLED_PROTOCOLS="TLSv1,TLSv1.2"

    2. Add this fragment to JVM_OPTS:

      -Dhttps.protocols=$ENABLED_PROTOCOLS -Djdk.tls.client.protocols=$ENABLED_PROTOCOLS

  4. Restart the Orchestrator server service.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 2 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 2 Ratings
Actions
KB: