we need to turn off TLS 1.0 and preferably run TLS 1.2 for the internal website of the ESRS VA.
we also would like to exchange the certificate to an internal CA.
I could not find any information on these two topics in the ESRS documentation. Can anyone help?
Whilst it is possible, we don't recommend disabling TLSv1.0/1.1 on ESRS-VE gateways at this stage. The reason being there are still a few products which can only support TLSv1.0 for HTTPS call-home.
Note that ESRS-VE always uses TLSv1.2 secured connections across the Internet to the ESRS backend. Any TLSv1.0 connections are on the customer internal network between the Dell EMC product and the ESRS gateway.
Regarding your other question, to change the ESRS WebUI certificate see the following KB article: