You can modify the Nginx configuration file to ensure that App Volumes Manager accepts connections only from specified TLS versions.

About this task

App Volumes Manager uses SSL and TLS to communicate with servers and App Volumes agents. See Using SSL Certificates with App Volumes Manager.

Prerequisites

  • You must have administrator privileges on the machine where App Volumes Manager is installed.

  • Locate the nginx.conf file and create a backup of the file. The default location for nginx.conf is C:\Program Files (x86)\CloudVolumes\Manager\nginx\conf\.

Procedure

  1. Log in to the machine where App Volumes Manager is installed.
  2. Identify the ssl_protocols line in the nginx.conf file and retain only the TLS versions that you want App Volumes Manager to connect with.

    For example, if you include TLSv1.1 and TLSv1.2 in the ssl_protocols line, App Volumes Manager will accept connections only from these TLS versions.

  3. Restart the App Volumes Manager service.

Configure TLS v1.1 and TLS v1.2 Protocols

In this example, App Volumes Manager will accept connections only from agents that use TLS v1.1 and TLS v1.2 protocols, as specified in the ssl_protocols entry in the Nginx configuration file.

server {
			server_name 0.0.0.0;
			listen 3443;
			listen 443;
			listen [::]:443;

			ssl on;
			ssl_certificate	appvol_ca1_vmware.com.crt;
			ssl_certificate_key	appvol_ca1_vmware.com.key;
			ssl_protocols TLSv1.1 TLSv1.2
			ssl_session_cache	builtin:1000;
			ssl_session_timeout 5m;

			root ../public;