KB Article: https://kb.vmware.com/s/article/79476

1 Connect to the ESXi host through SSH.
1 Take a backup of /etc/vmware/rhttpproxy/config.xml file.
1 Open the /etc/vmware/rhttpproxy/config.xml file in a text editor.
1 Find a line containing <cipherList>. If it doesn't exit, the user can create it within the XML structure:
 <code>
  <config>
  <vmacore>
  <ssl>
  <cipherList>...</cipherList>
  </ssl>
  </vmacore>
  </config>
  </code>
  
  Replace with this line:

  <code><cipherList>!aNULL:ECDHE+AESGCM:ECDHE+AES</cipherList></code>
   
  For changes to take effect, restart the rhttpproxy service using this command:

  <code bash>/etc/init.d/rhttpproxy restart</code>

</code>

Maybe if needed delete the

:ECDHE+AES

cipherList section too.