If it is required in your environment, you can enable the use of SSLv3 or TLSv1 for secure communication in Download Service.

By default, Download Service supports the use of TLSv1.1 and TLSv1.2 to provide secure communication for retrieving metadata and product files from the remote depot. SSLv3 and TLSv1 are older protocols and are disabled by default. You can edit a configuration file to enable SSLv3 or TLSv1 if this is required by your organization's security policy or for other reasons.

Download Service attempts to select the protocol with the highest version supported by both the client and the remote depot server.

1

Right-click the Download Service icon (VMware Software Manager: Download Service taskbar icon) in the Windows taskbar and select Quit.

2

Open the file %APPDATA%\VMware\Software Manager\Download Service\Cfg\application.cfg in a text editor.

3

If there is no section of the file beginning with the heading [security], add it to the bottom of the file.

4

Underneath the [security] heading, add one or more of the following lines to enable the protocol or protocols you want to use.

Option

Description

disable_ssl3=false

Enables SSLv3.

disable_tls1=false

Enables TLSv1.

5

Save and close the file, and restart Download Service.

Download Service can now use the protocol or protocols you have enabled.