Configure Security Settings for NSX-T Data Center by Using NSX-T API

This site will be decommissioned on January 30th 2025. After that date content will be available at techdocs.broadcom.com.

You configure TLS 1.2 protocol and disable TLS 1.1 for NSX Manager.

Procedure

♦ VMW-NSXT-01501 Configure an NSX Manager node to only use the TLS 1.2 protocol.

The change applies to all nodes in the cluster. The API service on each node restarts after the update. A delay of up to a minute between the time this API call completes and when the new configuration applies is possible.
1. Run the GET command and save the output.
```
GET https://<nsx-mgr>/api/v1/cluster/api-service
```
2. In the saved output, edit the protocol_versions line to disable TLS 1.1.
```
                "protocol_versions": [ { "name": "TLSv1.1", "enabled": false }, { "name": "TLSv1.2", "enabled": true } ]
              
```
3. Run the API call using curl or another REST API client with the edited initial output.
```
PUT https://<nsx-mgr>/api/v1/cluster/api-service
```