1. Installation and Administration Guide
  2. OKM Console
  3. OKM Console Functions
  4. Set Acceptable TLS Versions

Set Acceptable TLS Versions

This OKM console function sets the he minimum acceptable version of TLS. KMAs can accept connections using TLSv1.0, v1.1, v1.2, or v1.3.

While v1.0 is no longer considered secure, if you have KMAs in the cluster running OKM versions prior to 3.1.0, or you have Agents (such as tape drives) that do not support later versions of TLS, you may need to leave all versions of TLS enabled. See Table 3-1 for tape drive TLS compatibility.
Available to: Security Officer

  1. Log into OKM console. At the Please enter your choice: prompt on the main menu, select Set Acceptable TLS Versions and press Enter.
  2. Select the TLS versions to enable, and then press Enter. Options include:
    • 1 (TLSv1.0 and higher)
    • 2 (TLSv1.1 and higher)
    • 3 (TLSv1.2 and higher)
    • 4 (TLSv1.3 and higher)