You can control the security of Message Bus connections to Connection Server by configuring the proposal policies on remote desktops that run Windows.

Make sure that Connection Server is configured to accept the same policies to avoid a connection failure.

Procedure

  1. Start the Windows Registry Editor on the remote desktop.
  2. Navigate to the HKEY_LOCAL_MACHINE\Software\VMware, Inc.\VMware VDM\Agent\Configuration registry key.
  3. Add a new String (REG_SZ) value, ClientSSLSecureProtocols.
  4. Set the value to a list of cipher suites in the format \LIST:protocol_1,protocol_2,....
    List the protocols with the latest protocol first. For example:
    \LIST:TLSv1.2,TLSv1.1,TLSv1
  5. Add a new String (REG_SZ) value, ClientSSLCipherSuites.
  6. Set the value to a list of cipher suites in the format \LIST:cipher_suite_1,cipher_suite_2,....
    The list should be in order of preference, with the most preferred cipher suite first. For example:
    \LIST:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA