You can download the TLS Configuration utility from MyVMware.com and install it on your local machine. After installation, two scripts are available. One script is for configuration of vCenter Server and Platform Services Controller, and one script is for ESXi configuration.
On the vCenter Server Appliance, vSphere Update Manager ports are updated by the script. On vCenter Server, you edit vSphere Update Manager configuration files. See Disable TLS Versions on vSphere Update Manager.
You need a MyVMware account to download the script.
- Log in to your MyVMware account and go to vSphere.
- Find the product and product version that you are licensed for, select VMware vCenter Server, and click Go to Downloads.
- Select VMware vSphere TLS Configurator and download the following file.
OS File Windows VMware-vSphereTlsReconfigurator-version-build_number.x86_64.msi Linux VMware-vSphereTlsReconfigurator-version-build_number.x86_64.rpm
- Upload the file to vCenter Server and install the scripts.
In environments with an external Platform Services Controller, you also upload the file to the Platform Services Controller.
OS Procedure Windows
- Log in as a user with Administrator privileges.
- Copy the VMware-vSphereTlsReconfigurator-version-build_number.x86_64.msi file that you just downloaded.
- Install the MSI file.
- Connect to the appliance using SSH and log in as a user who has privileges to run scripts.
- Copy the VMware-vSphereTlsReconfigurator-version-build_number.x86_64.rpm file to the appliance using an SCP client.
- If the Bash shell is not currently enabled, run the following commands.
shell.set --enabled true shell
- Go to the directory where the uploaded rpm file is located and run the following command.
rpm -Uvh VMware-vSphereTlsReconfigurator-version-build_number.x86_64.rpm