If you disable a version of TLS for Update Manager Port 9087 and you encounter problems, you can reenable the version. The process is different for reenabling port 8084.
Reenabling an earlier version of TLS has security implications.
- Stop the vSphere Update Manager service.
- Navigate to the Update Manager installation directory which is different for 6.0 and 6.5 and later.
Version Location vSphere 6.0 C:\Program Files (x86)\VMware\Infrastructure\Update Manager vSphere 6.5 and later C:\Program Files\VMware\Infrastructure\Update Manager
- Make a backup of the jetty-vum-ssl.xml file and open the file.
- Remove the TLS tag that corresponds to the TLS protocol version that you want to enable.
For example, remove
<Item>TLSv1.1</Item>in the jetty-vum-ssl.xml file to enable TLSv1.1.
- Save the file.
- Restart the vSphere Update Manager service.