Search the VMware Knowledge Base (KB)
View by Article ID

Hybrid Cloud Manager Security Protocol (2146900)

  • 0 Ratings

Symptoms

Hybrid Cloud Manager (HCM) is shipped with Transport Layer Security version 1.0 (TLSv1.0) enabled by default.
SSLv2 and SSLv3 are disabled to mitigate the POODLE vulnerability.
TLSv1.0 is required to ensure compatibility with vSphere 5.5 and is used between HCM and vCenter for the HCM plug-in registration.

Resolution

vSphere versions 6.0 and later do not require TLSv1.0. Customers with those versions of vSphere can safely disable TLSv1.0.
 
To disable TLSv1.0:

  1. Open a console or SSH into HCM using the admin account.

  2. Switch user to root.

  3. Use a vi editor to open the httpd.conf configuration file by running the following command:
    vi /usr/local/apache2/conf/httpd.conf

  4. Search for the following entry in the httpd.conf configuration file:
    SSLProtocol -SSLv2 -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2

    Replace it with:
    SSLProtocol -SSLv2 -SSLv3 -TLSv1 +TLSv1.1 +TLSv1.2

  5. Restart httpd.

  6. Save and close the file.

  7. Log out of HCM.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: