Enable TLSv1

To comply with security regulations, TLSv1 and TLSv1.1 are disabled by default in Puppet Enterprise (PE) versions 2019.8.9 and later.

You must enable TLSv1 to install agents on these platforms:
  • AIX
  • Solaris 11
  1. In the PE console, navigate to Node groups > PE Infrastructure.
  2. On the Configuration data tab, find or add the puppet_enterprise::master::puppetserver class.
  3. Add the ssl_protocols parameter and set the value to an array of strings representing allowed TLS versions.
    For example:
    ["TLSv1", "TLSv1.1", "TLSv1.2"]
  4. Click Add data and commit changes.
  5. Run Puppet on the primary server and any compilers.
    Tip: There are several ways to Run Puppet on demand.