Configure which TLS versions is enabled for the two primary SMS communication categories.
  • SMS UI Server — This setting affects the SMS Client, Web API, and Web Server access.
  • SMS connecting to Devices/TMC/LDAP — This setting affects communication between the SMS server and remote servers.
The TLS versions enabled on a TPS device must be compatible with the TLS versions enabled in this section. To review the TLS settings on the TPS device, go to the TPS device, and then select Device ConfigurationServices.
If TLS v1.2 or later is enabled and you are using the Identity Agent with TLS v1.2 or later enabled, the SMS must be running with the 2K key. For more information, see SMS certificate key .
If you have trouble managing a TippingPoint SSL appliance 1500S, set the TLS version to 1.0 only.
Before you edit the TLS versions, note the following caveats:
  • You must select at least one TLS version for each communication category. Due to security reasons, we recommend that you disable TLS v1.0 and SSLv3.0 if they are not required in your network environment.
  • The TLS versions for some devices are incompatible with the SMS. Before you configure the TLS versions settings, review the list of unsupported devices available on the TMC.
  • Editing the TLS versions requires a restart of the SMS.
For more information on the supported cipher suites for the TLS versions, see SMS encryption protocols, algorithms, and cipher support.

Procedure

  1. Go to AdminServer Properties, and then select the TLS tab.
  2. Review the current state for each communication type. A check mark indicates if a TLS version is enabled. If it is not, the radio button is unselected and the current state displays as Disabled.
  3. Click Edit to edit the TLS versions.
  4. Select one or more TLS versions for the communication categories:
    Note
    Note
    You must select at least one TLS version for each communication category.
  5. If there are incompatibilities between the SMS TLS versions and the managed device TLS versions, the SMS will display warnings and/or errors. Click Details to review the severity and descriptions. If there are any errors, you cannot save your changes until you select compatible TLS versions.
  6. Click OK. Editing the TLS versions requires a restart of the SMS. Click Yes to immediately reboot the SMS and commit the TLS versions.