Workaround:
VMWare Plug-in to work with TLS 1.2 by using the following steps on the CA agent server:
1. Disable TLS 1.0 and 1.1 via SChannel registry keys
For TLS 1.0:
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\
Create a "Client" subkey
In each, create a new DWORD entry "Enabled", set the value to 0
In each, create a new DWORD entry "DisabledByDefault", set the value to 1
For TLS 1.1:
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\
Create a "Client" subkey
In each, create a new DWORD entry "Enabled", set the value to 0
In each, create a new DWORD entry "DisabledByDefault", set the value to 1
2. Enable TLS 1.2 via SChannel registry keys
For TLS 1.2:
Registry path: HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\
Create a "Client" subkey
In each, create a new DWORD entry "Enabled", set the value to 1
In each, create a new DWORD entry "DisabledByDefault", set the value to 0
3. Implement SchUseStrongCrypto registry key here: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319\
A - Start the registry editor by clicking on Start and Run. Type in "regedit" into the Run field (without quotations).
B - Highlight Computer at the top of the registry tree. Backup the registry first by clicking on File and then on Export. Select a file location to save the registry file.
Note: You will be editing the registry. This could have detrimental effects on your computer if done incorrectly, so it is strongly advised to make a backup.
C - Browse to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NetFramework\v4.0.30319
D - Right-click on the right pane and create a new DWORD (32-bit) Value with Name "SchUseStrongCrypto".
E - Ensure that the Value data field is set to 1 and the Base is Hexadecimal. Click on OK.
F - Repeat steps D and E for the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319
G - Reboot the server
4. Restart CA Agent on the server in question (not really necessary after the server restart)
For further references on the TLS registry keys, please see the following link:
https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings
For further references on the .Net SchUseStrongCrypto registry keys, please see the following link:
https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls