enable_latest_tls
Enable the most recent version of TLS (TLSv1.3) by disabling TLSv1.2 on either the current system or on all associated managed units.
Transport layer security (TLS) 1.3 provides a faster and more secure encryption protocol. Your
Guardium central manager appliance must be at 12.0 or later. TLS 1.3 is automatically enabled with
Guardium 12.x. You can choose to disable TLS 1.2 after your central manager, all associated managed
units, S-TAPs, and the GIM client are at Guardium 12.x.
Note: Be very careful about forcing Guardium
to disable TLS 1.2 if your configuration includes managed units that are not at Guardium 12.0. In
addition, not all add-ons and features support TLS 1.3. For more information, see Managing the TLS version.
Tip: This API takes a few minutes to run.
This API is available in Guardium v12.0 and later.
GuardAPI syntax
enable_latest_tls parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
all | Boolean | Required. For a central manager, select whether to disable TLS 1.2 on all associated
managed units. Valid values:
Default = 0 (false) |
force | Boolean | Specify whether to disable TLS 1.2 when appliance, GIM, or S-TAP versions are incompatible
between the central manager and any managed units. Valid values:
Default = 0 (false) |
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |