Dell PowerStore 3200T EMC PowerStore SRA Plugin for VMware Site Recovery Manag - Page 18

Configuring certificates for Photon OS Section Parameter ca_path protocols ssl:tls.1.2 ciphers Default Value Description N/A tls1.2 The ca_path parameter specifies a path to a root certificate. If verify is enabled and you are using a selfsigned certificate, you should export the root certificate from the storage host, place it beside the downloaded config file and set ca_path to the certificate name if you are using the Linux version. For the Windows version of the SRA, do not set the ca_path parameter. You must import the certificate through the Windows Trust Store. NOTE: You must adjust this parameter if you want a secure connection. The protocols parameter specifies a list of SSL protocols that SRA can use. SRA uses the first protocol in which a connection succeeded, from first to last through the list. You can use TLS1.2 and TLS1.1, although TLS1.1 is deprecated. Setting the value to TLSv1.0 means 1.0, 1.1, and 1.2 are all supported. However, you can enable TLS1.1 by changing settings in the config.ini file if you need to allow traffic through TLS1.1. Enabling TLS1.1 might be helpful if you are migrating data from older systems. AESGCM:-aNULL:-DH:kRSA:@STRENGTH For each protocol, you can set a cipher list consisting of one or more OpenSSL cipher strings separated by colons. It specifies in the cipher's Dell EMC PowerStore SRA Plugin 1.0 for VMware SRM Release Notes