KB#0032 Change the SSL protocol of the console service for Puppet Enterprise 2015.x, 2016.1.x to 2016.2.x, and 2016.4.0 to 2016.4.3 Erik Hansen March 19, 2018 23:54 Updated Did this solve your problem? 2 out of 4 found this helpful Change the SSL protocol of the console service for Puppet Enterprise 2015.x, 2016.1.x to 2016.2.x, and 2016.4.0 to 2016.4.3 - Erik Hansen For security reasons, your organization might need to re... Read this full article with Puppet Support Log in to your account Learn more about Puppet products Related articles KB#0029 Verify SSL protocols and cipher suites in use on Puppet Enterprise nodes KB#0165 Resolve SELinux access errors with MCollective log rotation in Puppet Enterprise 2015.2.x, 2016.4.x, and 2017.3.x KB#0093 PuppetDB: Database maintenance and size for Puppet Enterprise 2015.3.x and 2015.2.x KB#0241 Determine how long deployments take in Pipelines for Applications KB#0014 How do I run the support script for Puppet Enterprise 2016.x to 2019.0.x? Comments 2 comments Sort by Date Votes Rocky Giannini June 14, 2017 17:56 Edited June 13, 2017 21:09 Thanks Erik, for the remediation you provided. Your solution fixed this issue for port 443, but not for port 8081. How do I remediate this for port 8081? Thanks. 0 Permalink Erik Hansen June 14, 2017 20:35 Hi Rocky, Are you using the latest version of PE (2017.2.1)? We now have this document available, which describes setting the allowed protocols for all PE services in one go: https://docs.puppet.com/pe/latest/disable_tlsv1.html If you are on the 2016.4 series, you can use still use the following in Hiera for PuppetDB and port 8081 specifically: puppet_enterprise::puppetdb::jetty_ini::ssl_protocols: - "TLSv1.1" - "TLSv1.2" 0 Permalink Please sign in to leave a comment.