Thanks Josh. This worked for me on Debian Stretch.
Richard
On 2018-05-15 14:17, Gould, Josh wrote:
All,
To follow up on this, I've had a couple messages sent to me and I've
confirmed this my self that there is only a single item to remove from
your java.security file to retain the IDRAC6 functionality.
JDK.TLS.DISABLEDALGORITHMS=SSLV3, RC4, MD5WITHRSA, DH KEYSIZE < 1024,
\
EC KEYSIZE < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
NEED TO BE CHANGED TO
JDK.TLS.DISABLEDALGORITHMS=SSLV3, RC4, MD5WITHRSA, DH KEYSIZE < 1024,
\
EC KEYSIZE < 224, DES40_CBC, RC4_40
EFFECTIVELY IT'S ONLY `3DES_EDE_CBC` INSTANCE SHOULD BE REMOVED
FROM THIS DIRECTIVE AND NOTHING MORE.
Additionally i would reccommend you make the following change in the
IDRAC webpage:
iDRAC Settings --> Network/Security --> Services: Change the SSL
Encryption to 256-bit or higher.
This doesn't negate the above change thats needed in your
java.security file until Dell makes a Fix.
(Thanks to Ivan & Libor for the notes)
Josh
On Thu, May 10, 2018 at 9:28 AM, Gould, Josh <[email protected]>
wrote:
Same problem with IDRAC6, 7, and 8 with latest Java. Upgrade to
IDRAC 7&8 fixes it for them, but IDRAC 6 still doesnt' work.
Work around is to disable some of the security settings for JAVA in
your java.security file:
I commented out the following lines:
#jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage
TLSServer, \
# RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224
#jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA
keySize < 1024
#jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize <
1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
#jdk.tls.legacyAlgorithms= \
# K_NULL, C_NULL, M_NULL, \
# DH_anon, ECDH_anon, \
# RC4_128, RC4_40, DES_CBC, DES40_CBC, \
# 3DES_EDE_CBC
Everything worked perfectly after words. Keep in mind though, this
does lower your security of JRE, use at your own risk.
-Josh
On Thu, May 10, 2018 at 8:30 AM, <[email protected]>
wrote:
On 09/05/18 17:54, R S wrote:
I'm having problems Lauching Console in an iDRAC6 on a
R710 with BIOS 6.5.0 and iDRC 2.90
It errors out:
Tried with 3 different browser on 3 different OS and they
all fail.?
I'm going to downgrade to 2.85 first and see if it
connects. If not I'm going to downgrade BIOS to 6.4.0
Is DELL planning to update the cert that will expire in
about 7 month. Just a heads up as thing take time....
On Wed, May 9, 2018 at 6:04 AM, lejeczek
<[email protected] <mailto:[email protected]>> wrote:
guys, can you get to "virtual console" in your
iDrac(2.90 (Build 04))?
It seems to me 3.4.0 BIOS has broken something.
many thanks, L.
_______________________________________________
Linux-PowerEdge mailing list
[email protected] <mailto:[email protected]>
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
[1]
<https://lists.us.dell.com/mailman/listinfo/linux-poweredge
[1]>
--
Tech III * AppControl * Endpoint Protection * Server
Maintenance
Buncombe County Schools Technology Department Network Group
ComicSans Awareness Campaign <http://comicsanscriminal.com>
Message: 3
Date: Thu, 10 May 2018 14:30:29 +0200
From: Peter Holl <[email protected]>
To: [email protected]
Subject: [Linux-PowerEdge] iDRAC 6 enterprise console not working
with
newest java
Message-ID: <[email protected]>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Hello,
after updating from Java 8/162 to 8/171 I can't connect to the
console
using the Virutual Console Client (i.e, by opening the downloaded
viewer.jnlp).
The screenshot shows the "Connection failed." message I got.
I this on tested this in various combinations, with two R610 as
iDRAC
"server", and connecting to the them from windows and macos
systems.
Finally I found a macbook with an older Java and there it still
works.
Any known cure? Otherwise it would be a service call since my
machines
are in ProSupport.
Thanks in advance,
Peter
Peter Holl
PNSensor GmbH
Otto-Hahn-Ring 6
80798 M?nchen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2018-05-10 at 1.26.25 PM.png
Type: image/png
Size: 16382 bytes
Desc: not available
URL:
<http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.png
[2]>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: peter_holl.vcf
Type: text/x-vcard
Size: 361 bytes
Desc: not available
URL:
<http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.vcf
[3]>
------------------------------
Subject: Digest Footer
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge [1]
------------------------------
End of Linux-PowerEdge Digest, Vol 168, Issue 7
***********************************************
Links:
------
[1] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
[2]
http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.png
[3]
http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.vcf
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
--
Richard Potter
_______________________________________________
Linux-PowerEdge mailing list
[email protected]
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
