Skip to main content
Solved

how to use TLS in network topology


Forum|alt.badge.img+7

Hi,

We need to secure the communication between the commserve components and our vcenters. 

SSL will no longer be used in our vmware vsphere platform. We must use TLS 1.2 minimum.

We use some Network topology but only those created at the commserve livesync activation.

if i need to create a secure communication between Commserve and  Vcenter what option should i use to be sure using TLS ?

kind regards,

christophe

Best answer by Gopinath

Virtual Server iDA supports (SSL, TLS 1.0,1.1, 1.2) security protocols to communicate to vCenter Server part of protection and restore operations. With vCenter 6.7 TLS 1.2 is default and which is supported as well with VSA. VSiDA will not need to use a network topology for that, as it communicates directly to VC using VMware SDK. Cross check if you have any http proxy present in environment then configure/allow VSA machines there to communicate to vCenter server, in case any communication issues.

 

Regards

Gopinath

View original
Did this answer your question?

4 replies

Forum|alt.badge.img+1
  • Vaulter
  • 4 replies
  • June 1, 2021

The communication between the CommServe components and the vCenter do not use a network topology.  If you disable SSL on the vCenter Server, the communication should automatically use TLS (actually TLS should be used even if SSL is not disabled since it has higher precedence).  Are you seeing any issues with this communication?  


Forum|alt.badge.img+8
  • Vaulter
  • 68 replies
  • Answer
  • June 1, 2021

Virtual Server iDA supports (SSL, TLS 1.0,1.1, 1.2) security protocols to communicate to vCenter Server part of protection and restore operations. With vCenter 6.7 TLS 1.2 is default and which is supported as well with VSA. VSiDA will not need to use a network topology for that, as it communicates directly to VC using VMware SDK. Cross check if you have any http proxy present in environment then configure/allow VSA machines there to communicate to vCenter server, in case any communication issues.

 

Regards

Gopinath


Forum|alt.badge.img+7
  • Author
  • Byte
  • 25 replies
  • June 2, 2021
henry wrote:

The communication between the CommServe components and the vCenter do not use a network topology.  If you disable SSL on the vCenter Server, the communication should automatically use TLS (actually TLS should be used even if SSL is not disabled since it has higher precedence).  Are you seeing any issues with this communication?  

Hi, thank you for the reply. i have seen in the backup logs with the VSA the use of TLS for communication. So it answers my question.i don’t see any issues with communication.


Forum|alt.badge.img+7
  • Author
  • Byte
  • 25 replies
  • June 2, 2021
Gopinath wrote:

Virtual Server iDA supports (SSL, TLS 1.0,1.1, 1.2) security protocols to communicate to vCenter Server part of protection and restore operations. With vCenter 6.7 TLS 1.2 is default and which is supported as well with VSA. VSiDA will not need to use a network topology for that, as it communicates directly to VC using VMware SDK. Cross check if you have any http proxy present in environment then configure/allow VSA machines there to communicate to vCenter server, in case any communication issues.

 

Regards

Gopinath

Hi Gopinath, thank you for the reply, it’s exactly what i would like to know. 


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings