Enabling TLSv1 for vCloud Director 8.20

By Antti Hurme 09/03/2017 No Comments 1 Min Read

Enabling TLS1 is needed for vCD 8.20 if you wish to use Usage Meter 3.50 (currently the latest release) and the links provided in the vCD 8.20 release notes refer to the vCD 8.20 Documentation Center.

The funny thing is that all commands talk about resetting to default protocols and and disabling specific protocols. The default allowed protocols list has changed for vCD 8.20 and thus TLS1 can’t be enabled by resetting to defaults.

However by disabling specific protocols we can enable the one we want. So by disabling SSLv3 and SSLv3Hello we enable TLS1. Now that’s funny :)

./cell-management-tool ssl-protocols -d SSLv3,SSLv2Hello

This is fairly counter-intuitive so thought I’d make this post. The Same issue also affected our Console Connections who got stuck in an “Disconnected” state.

The  console-proxy.log showed the following errors:

2017-03-09 11:58:43,936 | DEBUG | consoleproxy | SimpleProxyConnectionHandler | Initiated handling for channel 0x44914b9e [java.nio.channels.SocketChannel[connected local=/n.n.n.n:443 remote=/y.y.y.y:61649]] |
2017-03-09 11:58:43,938 | DEBUG | pool-consoleproxy-4-thread-5734 | SSLHandshakeTask | Exception during handshake: Client requested protocol TLSv1 not enabled or not supported |
Written By

Who am I? | Linkedin

View All Articles
Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.

This site uses Akismet to reduce spam. Learn how your comment data is processed.