Administrators can determine which client
systems do not have sufficient security levels and either update them to the higher level or
decrease the system security level until these systems are updated.
To change SSL/TLS settings by using the command-line interface, complete these
steps:
- Enter chsecurity -sslprotocol security_level, where
security_level is one of the following values:
Table 1. Supported SSL/TLS security levelsSecurity level |
Description |
Minimum security allowed |
1 |
Sets the system to disallow SSL version 3.0. |
TLS 1.0 |
2 |
Sets the system to disallow SSL version 3.0, TLS version 1.0, and TLS version
1.1. |
TLS 1.2 |
3 |
Sets the system to disallow SSL version 3.0, TLS version 1.0, and TLS version
1.1 and to allow cipher suites that are exclusive to TLS version 1.2. |
TLS 1.2 |
Note: Users might lose the connection to the management GUI when the security level is changed.
If you loose the connection, use the CLI to decrease the security level to a lower setting.