Since the standardization of TLS 1.2 in 2008, continued analysis of older versions of TLS has shown significant weaknesses. This led to NIST advising in 2014 to move from TLS 1.0 to later versions of the protocol. Since then the deprecation of TLS 1.0 in products has started, with the PCI deadline for complete removal currently standing at June 2018.
Due to this, from version 2.3, the Cisco Meeting Server will, by default, use a minimum of TLS 1.2 and DTLS 1.2 for all services. If needed for interop with older software that has not implemented TLS 1.2, the minimum TLS version for SIP, LDAP and HTTPS, and the DTLS version can be configured to a lower version of the protocol. However, note that a future version of the software may completely remove TLS 1.0.
The minimum version is configured using the MMP command tls<service> min-tls-version <minimum version string>. See the MMP Command Line Guide for more information.
Note: Ad hoc escalation from Cisco Unified Communications Manager uses the HTTPS interface of the Cisco Meeting Server. Versions of Cisco Unified Communications Manager prior to 11.5(1)SU3 only support TLS 1.0 for this communication path. If using ad hoc escalation, either upgrade to a version that supports later versions of TLS, or lower the minimum version of TLS supported for the HTTPS interface on the Cisco Meeting Server.