From NSX 6.4 TLS 1.0 is disabled by default but maybe the configuration has been inherited from previous upgrade. Check if it is enabled on the NSX Manager but i should not.
Follow the next procedure:
My mistake, they actually want to disable TLS 1.1 now. TLS v1.0 is not enabled.
No worries, same procedure applies.
Follow it and let us know!
So YES, this is possible and here is the KB with the correct answer:
Using the API you can tell the NSX Manager to turn on/off different TLS version support on the ESG web service.
The settings in the NSX Manager web GUI have no affect on the ESG's, they appear to only affect the web server on the NSX Manager VM.
The change made via the API does survive ESG reboots and re-deployments as well as upgrades. We made the change in v6.4.6 and it is still in effect after upgrading to v6.4.8.