The set ssl_tls_protocols command allows you to enable or disable the SSL/TLS protocols for APACHE and SAML services only. By default, TLSv1.0, TLSv1.1, or TLSv1.2 are enabled. Note that for SAML, if any, of the protocols is disabled, eventually only the highest protocol in the sequence is enabled. You cannot change the SSL/TLS protocol when the SSL/TLS setting is set to default mode. You must set the SSL/TLS setting in override mode to change the SSL/TLS protocol. For information about SSL/TLS settings, see set ssl_tls_settings.

You can use the show ssl_tls_protocols command to view the enabled SSL/TLS protocols. For information, see show ssl_tls_protocols.

Syntax

set ssl_tls_protocols [ enable | disable ] [ TLSv1.0 | TLSv1.1 | TLSv1.2 ]

Argument	Description

Argument	Description
`enable`	Enables the SSL/TLS protocols.
`TLSv1.0`	Enables the TLSv1.0 protocol.
`TLSv1.1`	Enables the TLSv1.1 protocol.
`TLSv1.2`	Enables the TLSv1.2 protocol.
`disable`	Disables the SSL/TLS protocols. Note that you cannot disable all the SSL/TLS protocols. At least one protocol must be enabled.

Examples

Enable TLSv1.0 protocol

Infoblox > set ssl_tls_protocols enable TLSv1.0

TLSv1.0 was enabled.
Current configuration for the HTTPS : TLSv1.0 TLSv1.1 TLSv1.2
Current configuration for the SAML : TLSv1.0 TLSv1.1 TLSv1.2
The following services need to be restarted manually: GUI

Disable TLSv1.0 protocol

Infoblox > set ssl_tls_protocols disable TLSv1.0

TLSv1.0 was disabled.
Current configuration for the HTTPS : TLSv1.1 TLSv1.2
Current configuration for the SAML : TLSv1.2
The following services need to be restarted manually: GUI