Install the TLS Configuration Utility

You can download the TLS Configuration utility from MyVMware.com and install it on your local machine. After installation, two scripts are available. One script is for configuration of vCenter Server and Platform Services Controller, and one script is for ESXi configuration.

On the vCenter Server Appliance, vSphere Update Manager ports are updated by the script. On vCenter Server, you edit vSphere Update Manager configuration files. See Disable TLS Versions on vSphere Update Manager.

Prerequisites

You need a MyVMware account to download the script.

Procedure

Log in to your MyVMware account and go to vSphere.
Find the product and product version that you are licensed for, select VMware vCenter Server, and click Go to Downloads.

Select VMware vSphere TLS Configurator and download the following file.

OS	File
Windows	VMware-vSphereTlsReconfigurator-`version-build_number`.x86_64.msi
Linux	VMware-vSphereTlsReconfigurator-`version-build_number`.x86_64.rpm

Upload the file to vCenter Server and install the scripts.

In environments with an external Platform Services Controller, you also upload the file to the Platform Services Controller.

OS	Procedure
Windows	Log in as a user with Administrator privileges. Copy the VMware-vSphereTlsReconfigurator-`version-build_number`.x86_64.msi file that you just downloaded. Install the MSI file.
Linux	Connect to the appliance using SSH and log in as a user who has privileges to run scripts. Copy the VMware-vSphereTlsReconfigurator-`version-build_number`.x86_64.rpm file to the appliance using an SCP client. If the Bash shell is not currently enabled, run the following commands. shell.set --enabled true shell Go to the directory where the uploaded rpm file is located and run the following command. rpm -Uvh VMware-vSphereTlsReconfigurator-`version-build_number`.x86_64.rpm

Procedure

Windows

Log in as a user with Administrator privileges.
Copy the VMware-vSphereTlsReconfigurator-version-build_number.x86_64.msi file that you just downloaded.
Install the MSI file.

Linux

Connect to the appliance using SSH and log in as a user who has privileges to run scripts.
Copy the VMware-vSphereTlsReconfigurator-version-build_number.x86_64.rpm file to the appliance using an SCP client.
If the Bash shell is not currently enabled, run the following commands.
```
shell.set --enabled true
shell
```
Go to the directory where the uploaded rpm file is located and run the following command.
```
rpm -Uvh VMware-vSphereTlsReconfigurator-version-build_number.x86_64.rpm
```

Results

After installation completes, you find the scripts at the following locations.

OS	Location
Windows	C:\Program Files\VMware\CIS\vSphereTLSReconfigurator\VcTlsReconfigurator C:\Program Files\VMware\CIS\vSphereTLSReconfigurator\EsxTlsReconfigurator
Linux	/usr/lib/vmware-vSphereTlsReconfigurator/VcTlsReconfigurator /usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator