HPE Community
HPE Nimble Storage Solution Specialists
1833059 Members
2416 Online
110049 Solutions
New Discussion

Disable older TLS on port 5394

 
aharvey
Frequent Visitor

‎12-16-2022 09:40 AM - last edited on ‎01-06-2023 04:50 AM by

‎12-16-2022 09:40 AM - last edited on ‎01-06-2023 04:50 AM by

Disable older TLS on port 5394

We have a Nimble CS300 and are working on disabling older TLS protocols to meet security requirements. We have successfully run the below command on our Nimble storage unit that disable the older protocols on open ports...except for port 5394 (Group leader failover communication). This port is still showing TLS 1.0 and 1.1.

group --edit --tlsv1_enabled {yes|no}

Is there a way to mitigate this specific port?

0 Kudos
Reply
2 REPLIES 2
support_s
System Recommended

‎12-16-2022 10:41 AM

‎12-16-2022 10:41 AM

Query: Disable older TLS on port 5394

System recommended content:

1. HPE OneView 8.0 User Guide for VMs | Disabling TLS 1.0 or TLS 1.1 protocols

2. HPE OneView 7.0 User Guide for VMs | Disabling TLS 1.0 or TLS 1.1 protocols

 

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

 

Thank you for being a HPE valuable community member.


Accept or Kudo

0 Kudos
Reply
Vipin_S
HPE Pro

‎01-06-2023 01:12 AM

‎01-06-2023 01:12 AM

Re: Disable older TLS on port 5394

Hello @aharvey , 

As of NImble OS Version 5.1, TCP port 5394 was added.  TLS 1.0/1.1 is enabled on that TCP port, and does not disable with the --tlsv1_enabled switch.

 

There is a bug which seeks to disable TLS1.0/1.1 on TCP port 5394. So solution would  be TCP port 5394, needs to be attached to this bug. For that you need to connect with HPE nimble support team and raise the request.

Telephone and Email Support is available 24x7. Contact details for your location can be found at the following web page: https://www.hpe.com/us/en/services/nimble-storage.html
Email: support@nimblestorage.com

 



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.