It is a best practice to disable deprecated, unused and unsafe protocols. Examples of these are RFC 8996 for TLSv1.0 and TLSv1.1 as well as RFC7568 for SSLv3
In this article it is shown how to automate this through PowerCLI
VMware has published how to do this. However, they have not shown how to do this through PowerCLI.
Attached some lines of code on how to do this… Once connected to vCenter Server using PowerCLI, run the following commands
To query : $DisabledProtocolsPre = get-vmhost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols
To configure : $DisabledProtocolsPost = get-vmhost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value “tlsv1,tlsv1.1,sslv3” -Confirm:$false
Important: after configuration is successful, a restart of the ESXi host is required.
Also, William Lam created functions on GitHub to allow this. Select what you prefer!