7.6 Enabling the TLS Version 1 Protocol

As of Oracle VM Release 3.4.5, the SSL TLS version 1 (TLSv1) protocol is disabled within Oracle VM Manager for security reasons. By default, only connections using the TLSv1.2 protocol are accepted. As a result, management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1, is not possible after the upgrade to Oracle VM Manager 3.4.5 or later release versions.

Although it is strongly recommended to upgrade your Oracle VM Servers to the latest release version, in Oracle VM Release 3.4.5 in it is possible to enable the management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1. To do this, you must enable the TLSv1 protocol, which is less secure, as follows:

Important

As of Oracle VM Release 3.4.6, management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1 is removed.

  1. Start an ssh session to the Oracle VM Manager instance.

  2. Open /etc/sysconfig/ovmm for editing and add the following line:

    ALLOWTLS1=YES

  3. Save and close /etc/sysconfig/ovmm.

  4. Restart Oracle VM Manager for the setting to take effect:

    # /sbin/service ovmm restart

When all your Oracle VM Servers have been upgraded to the latest release, it is recommended that you reset the security protocol in Oracle VM Manager to the default. Disable TLSv1 and revert to the TLSv1.2 protocol as follows:

  1. Start an ssh session to the Oracle VM Manager instance.

  2. Open /etc/sysconfig/ovmm for editing and remove the following line:

    ALLOWTLS1=YES

  3. Save and close /etc/sysconfig/ovmm.

  4. Restart Oracle VM Manager for the setting to take effect:

    # /sbin/service ovmm restart