Set Acceptable TLS Versions
This OKM console function sets the he minimum acceptable version of TLS. KMAs can accept connections using TLSv1.0, v1.1, v1.2, or v1.3.
While v1.0 is no longer considered secure, if you have KMAs in the cluster running OKM versions prior to 3.1.0, or you have Agents (such as tape drives) that do not support later versions of TLS, you may need to leave all versions of TLS enabled. See Table 3-1 for tape drive TLS compatibility.
Available to: Security Officer
- Log into OKM console. At the
Please enter your choice:
prompt on the main menu, selectSet Acceptable TLS Versions
and press Enter. - Select the TLS versions to enable, and then press Enter. Options
include:
- 1 (TLSv1.0 and higher)
- 2 (TLSv1.1 and higher)
- 3 (TLSv1.2 and higher)
- 4 (TLSv1.3 and higher)