Changing TLS protocols

To change the TLS protocol version, use the following CLI command in CONFIG mode:

httpd protocol protocol-list

You can configure the following TLS versions:

•TLSv1

•TLSv1.1

•TLSv1.2.

Enter the versions as a comma-separated list. The updates will be applied to port 8443 and 9090 only. By default, TLSv1 is disabled and TLSv1.1 and TLSv1.2 are enabled on ports 8443 and 9090.

Example:

sentry/config# httpd protocol tlsv1.1,tlsv1.2

Changes will issue restart of httpd service and Sentry system service might be distrupted.

Would you like to proceed? [y/n]: y

sentry/config# do show httpd protocol

+--------+---------------------------

Port + TLS Protocols Enabled

+--------+---------------------------

8443 TLSv1.1,TLSv1.2

9090 TLSv1.1,TLSv1.2

sentry/config#