Channel: VMware Communities : All Content - ESXi

SSLv3 in ESXi 6.5


Hi,

does anybody know how to enable SSLv3 for vmauthd on ESXi 6.5? The old "vmware-vdiskmanager" application for some reason insists on using that and I cannot use the one from VDDK 6.5, because it requires an SSL certificate thumbprint but does not give any option to specify it from the command line.

On ESXi 6.0 it was working fine, but after upgrade to 6.5 the ESXi rejects the connection (just after it receives SSL CLIENT HELLO). In the log I can see that only tls1.2 is allowed:

2017-02-27T19:51:51Z vmauthd[68626]: lib/ssl: protocol list tls1.2
2017-02-27T19:51:51Z vmauthd[68626]: lib/ssl: protocol list tls1.2 (openssl flags 0x17000000)
2017-02-27T19:51:51Z vmauthd[68626]: lib/ssl: cipher list !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES

And indeed it does not recognise the protocol when vdiskmanager is trying to establish SSL:

2017-02-27T20:02:37Z vmauthd[68831]: Msg_SetLocaleEx: HostLocale=UTF-8 UserLocale=NULL
2017-02-27T20:02:37Z vmauthd[68831]: Could not expand environment variable HOME.
2017-02-27T20:02:37Z vmauthd[68831]: Could not expand environment variable HOME.
2017-02-27T20:02:37Z vmauthd[68831]: DictionaryLoad: Cannot open file "/usr/lib/vmware/config": No such file or directory.
2017-02-27T20:02:37Z vmauthd[68831]: DictionaryLoad: Cannot open file "~/.vmware/config": No such file or directory.
2017-02-27T20:02:37Z vmauthd[68831]: DictionaryLoad: Cannot open file "~/.vmware/preferences": No such file or directory.
2017-02-27T20:02:37Z vmauthd[68831]: lib/ssl: OpenSSL using FIPS_drbg for RAND
2017-02-27T20:02:37Z vmauthd[68831]: lib/ssl: protocol list tls1.2
2017-02-27T20:02:37Z vmauthd[68831]: lib/ssl: protocol list tls1.2 (openssl flags 0x17000000)
2017-02-27T20:02:37Z vmauthd[68831]: lib/ssl: cipher list !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES
2017-02-27T20:02:37Z vmauthd[68831]: Connect from remote socket (10.5.0.3:51395).
2017-02-27T20:02:37Z vmauthd[68831]: Connect from 10.5.0.3
2017-02-27T20:02:37Z vmauthd[68831]: SSL Error: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2017-02-27T20:02:37Z vmauthd[68831]: recv() FAIL: 1.
2017-02-27T20:02:37Z vmauthd[68831]: VMAuthdSocketRead: read failed.  Closing socket for reading.
2017-02-27T20:02:37Z vmauthd[68831]: Read failed.

I have tried several ways to change it, but without any success:

- add "vmauthd.ssl.noSSLv3 = "false"" to /etc/vmware/config
- set "vmacore/ssl" in /etc/vmware/rhttpproxy/config.xml to "<protocols>SSLv3,tls1.0,tls1.1,tls1.2</protocols>"
- remove "sslv3" from /UserVars/ESXiVPsDisabledProtocols

I am going nuts, is there some other way?

Thanks,

Ondrej

