The SSLDISABLELEGACYTLS option specifies whether to use protocols earlier than Transport Layer Security (TLS) 1.2 for Secure Sockets Layer (SSL) sessions between the server and the backup-archive client or storage agent.
.-SSLDISABLELEGACYTLS--No------. >>-+------------------------------+---------------------------->< '-SSLDISABLELEGACYTLS--+-No--+-' '-Yes-'
The SSLDISABLELEGACYTLS option overrides the SSLTLS12=NO option and enforces the rejection of SSL connection attempts that use levels earlier than TLS 1.2.
If you specify the SSLTLS12=YES option and do not specify the SSLDISABLELEGACYTLS option, TLS 1.2 is used.
Specify that the server uses the TLS 1.2 or later protocol for SSL sessions:
ssldisablelegacytls yes
Specify that the server rejects the TLS 1.1 and earlier protocol for SSL sessions:
ssldisablelegacytls no