Changing TLS protocols

To change the TLS protocol version, use the following CLI command in CONFIG mode:

httpd protocol protocol-list

You can configure the following TLS versions:




Enter the versions as a comma-separated list. The updates will be applied to port 8443 and 9090 only. By default, TLSv1 is disabled and TLSv1.1 and TLSv1.2 are enabled on ports 8443 and 9090.


sentry/config# httpd protocol tlsv1.1,tlsv1.2

Changes will issue restart of httpd service and Sentry system service might be distrupted.

Would you like to proceed? [y/n]: y

sentry/config# do show httpd protocol


Port + TLS Protocols Enabled


8443 TLSv1.1,TLSv1.2

9090 TLSv1.1,TLSv1.2