Administrators can determine
which client systems do not have sufficient security levels and either
update them to the higher level or decrease the system security level
until these systems are updated.
To change SSL/TLS settings by using the command-line
interface, complete these steps:
- Enter chsecurity -sslprotocol security_level, where security_level is one of the following
values:
Table 1. Supported SSL/TLS security levels. Supported SSL/TLS security levels
| Security level |
Description |
Minimum security allowed |
| 1 |
Sets the system to disallow SSL version 3.0. |
TLS 1.0 |
| 2 |
Sets the system to disallow SSL version 3.0,
TLS version 1.0, and TLS version 1.1. |
TLS 1.2 |
| 3 |
Sets the system to disallow SSL version 3.0,
TLS version 1.0, and TLS version 1.1 and to allow cipher suites that
are exclusive to TLS version 1.2. |
TLS 1.2 |
Note: Users might lose the connection to the management GUI when the security level is changed. If you loose the connection,
use the CLI to decrease the security level to a lower setting.