To control the security of Message Bus connections to Connection Server, you can configure the proposal policies on remote desktops that run Windows.

Prerequisites

To avoid a connection failure, configure Connection Server to accept the same policies.

Procedure

  1. On the remote desktop, start the Windows Registry Editor.
  2. Navigate to the HKEY_LOCAL_MACHINE\Software\VMware, Inc.\VMware VDM\Agent\Configuration registry key.
  3. Add a new String (REG_SZ) value, ClientSSLSecureProtocols.
  4. Set the value to a list of cipher suites in the format \LIST:protocol_1,protocol_2,....
    List the protocols with the latest protocol first. For example: 
    \LIST:TLSv1.2,TLSv1.1
  5. Add a new String (REG_SZ) value, ClientSSLCipherSuites.
  6. Set the value to a list of cipher suites in the format \LIST:cipher_suite_1,cipher_suite_2,....
    The list must be in order of preference, with the most preferred cipher suite first. For example: 
    \LIST:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA