topic Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1 in HPE Nimble Storage Solution Specialists

Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

ioanp — Thu, 26 Sep 2019 09:55:41 GMT

We have to disable tls v1.0 and v1.1 on Nimble Storage and to leave only tlsv1.2 active. We are having dificulties finding any settings or information in regard to this matter. Could someone help us with some information or point us to a manual? Thanks

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

SprinkleJames — Thu, 26 Sep 2019 17:26:04 GMT

Hi ioanp,

Do you have access to this KB article on InfoSight? There's some info there that may help you.

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

ioanp — Fri, 27 Sep 2019 11:32:59 GMT

Hi James,

Thanks for the link, I was able to read it.
It's very helpful.

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

Katie2 — Mon, 14 Dec 2020 10:24:03 GMT

Hi there. I have the same question for our CS3000 and CS5000 devices but the knowledge article link is no longer working. Is there some updated information you can forward me to please? And also, is the change persistent through reboots etc?

Thank you.

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

sants — Wed, 24 Feb 2021 14:44:30 GMT

@SprinkleJames Looks like this link is dead now. Is there another source for this?

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

SprinkleJames — Wed, 24 Feb 2021 15:24:42 GMT

Here's an updated link:

KB-000352 Common Vulnerability and Exposure (CVE) status reports > NO-CVE-REPORT: Use of TLSv1.0 or TLSv1.1 are not recommended in some environments

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

EricKoh — Mon, 21 Jun 2021 11:39:19 GMT

Hi @SprinkleJames, the link seems dead again! Appreciate if you could prove it here again, or can you just past the commands here?

Thank you so much!

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

SprinkleJames — Mon, 21 Jun 2021 20:56:34 GMT

Here's the link:
https://infosight.hpe.com/InfoSight/media/kb/active/sup_KB-000352_Common_Vulnerability_and_Exposure_CVE_Status_Reports_.whz/index.html#tsi1504876963915.html

...and the command to disable TLS 1.0 and TLS 1.1:
group --edit --disable_tlsv1

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0 and 1.1

EricKoh — Tue, 22 Jun 2021 08:55:34 GMT

Thank you so much for your prompt response!

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0

StepInno — Fri, 14 Jan 2022 22:51:29 GMT

Hello is the

command

group --edit --tlsv1_enabled {yes|no}

only going to affect the management? or does this affect iSCSI targets too we are using the Nimble with iSCSI connected to a pair of ESXi hosts. We need to make sure the iscsi are not impacted by this change.

We are using a CS300 and need to make sure its ok and supports TLS 1.2

Can you confirm?

Re: Nimble Storage Model CS1000 - Software Version 5.0.6.0-593144-opt Disable TLSv1.0

SprinkleJames — Mon, 17 Jan 2022 18:03:19 GMT

HI @StepInno,

It's just for management. iSCSI traffic is not encrypted anyway, so I wouldn't expect host connectivity to be impacted.

I believe the CS300 went end-of-support on 12/31/2021. What version of Nimble Storage OS are you running?