You can use the TLS Reconfiguration Utility to enable or disable TLS protocol versions. You can disable TLS 1.0 within the vSphere environment, or you can disable both TLS 1.0 and TLS 1.1. Starting with vSphere 6.5, the TLS protocol versions 1.0, 1.1, and 1.2 are enabled by default.

For reconfiguration, the vCenter Server, Platform Services Controller, vSphere Update Manager and ESXi hosts within the environment must be running the software versions that allow for disablement. See VMware Knowledge Base article 2145796 for a list of VMware products that support disabling TLS 1.0.

Before you disable TLS 1.0, you also have to ensure that other VMware products and third-party products support a TLS protocol that is enabled. Depending on your configuration, that can be TLS 1.2 or both TLS 1.1 and TLS 1.2.