At least in CPPM 6.9.5, I see TLS 1.1 is not allowed. You may consider upgrading, or work with Aruba Support.
* TLS 1.0 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* TLS 1.1 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
* SSL 3.0 Cipher Suites:
Attempted to connect using 80 cipher suites; the server rejected all cipher suites.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------
Original Message:
Sent: Apr 28, 2021 06:58 PM
From: C
Subject: CPPM Postgres TLS Settings
Were you ever able to resolve this? Infosec is flagging me for the same TLSV1.1 and I'd like to disable it.
------------------------------
C
Original Message:
Sent: Jan 30, 2020 02:05 PM
From: Daniel McDavid
Subject: CPPM Postgres TLS Settings
Our checkbox enforcers InfoSec folks have determined that we must restrict TLS to v1.2 and I'm unable to find a setting for the postgres listener on 5432/tcp. I've played with the Disable TLS version 1.0/1.1 cluster-wide parameters in my lab (running v6.7.8), but I'm still seeing TLSv1.1 in my scans (sslyze --regular --starttls=postgres <pub>:5432).
Is there a way to manage the TLS settings for postgres?