Thanks Josh,it took me a while to find a timeslot (and the java.security file) to try this out, but it worked for my as well.
For macOS users: the file path is /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/java.security
Peter On 15/05/2018 8:17 PM, Gould, Josh wrote:
All,To follow up on this, I've had a couple messages sent to me and I've confirmed this my self that there is only a single item to remove from your java.security file to retain the IDRAC6 functionality.*jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \* * EC keySize < 224, DES40_CBC, RC4_40*, 3DES_EDE_CBC * * *need to be changed to* * * *jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \* * EC keySize < 224, DES40_CBC, RC4_40* * **Effectively it's only `3DES_EDE_CBC` instance should be removed from this directive and nothing more.*Additionally i would reccommend you make the following change in the IDRAC webpage: iDRAC Settings --> Network/Security --> Services: Change the SSL Encryption to 256-bit or higher. This doesn't negate the above change thats needed in your java.security file until Dell makes a Fix.(Thanks to Ivan & Libor for the notes) JoshOn Thu, May 10, 2018 at 9:28 AM, Gould, Josh <[email protected] <mailto:[email protected]>> wrote:Same problem with IDRAC6, 7, and 8 with latest Java. Upgrade to IDRAC 7&8 fixes it for them, but IDRAC 6 still doesnt' work. Work around is to disable some of the security settings for JAVA in your java.security file: I commented out the following lines: #jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 #jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 #jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \ # EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC #jdk.tls.legacyAlgorithms= \ # K_NULL, C_NULL, M_NULL, \ # DH_anon, ECDH_anon, \ # RC4_128, RC4_40, DES_CBC, DES40_CBC, \ # 3DES_EDE_CBC Everything worked perfectly after words. Keep in mind though, this does lower your security of JRE, use at your own risk. -Josh On Thu, May 10, 2018 at 8:30 AM, <[email protected] <mailto:[email protected]>> wrote: On 09/05/18 17:54, R S wrote: > I'm having problems Lauching Console in an iDRAC6 on a > R710 with BIOS 6.5.0 and iDRC 2.90 > It errors out: > > > Tried with 3 different browser on 3 different OS and they > all fail.? > > I'm going to downgrade to 2.85 first and see if it > connects. If not I'm going to downgrade BIOS to 6.4.0 > > Is DELL planning to update the cert that will expire in > about 7 month. Just a heads up as thing take time.... > > > On Wed, May 9, 2018 at 6:04 AM, lejeczek > <[email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>>> wrote: > > guys, can you get to "virtual console" in your > iDrac(2.90 (Build 04))? > It seems to me 3.4.0 BIOS has broken something. > > many thanks, L. > > _______________________________________________ > Linux-PowerEdge mailing list > [email protected] <mailto:[email protected]> <mailto:[email protected] <mailto:[email protected]>> > https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge> > <https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge>> > > > > > -- > Tech III * AppControl * Endpoint Protection * Server > Maintenance > Buncombe County Schools Technology Department Network Group > ComicSans Awareness Campaign <http://comicsanscriminal.com> Message: 3 Date: Thu, 10 May 2018 14:30:29 +0200 From: Peter Holl <[email protected] <mailto:[email protected]>> To: [email protected] <mailto:[email protected]> Subject: [Linux-PowerEdge] iDRAC 6 enterprise console not working with newest java Message-ID: <[email protected] <mailto:[email protected]>> Content-Type: text/plain; charset="utf-8"; Format="flowed" Hello, after updating from Java 8/162 to 8/171 I can't connect to the console using the Virutual Console Client (i.e, by opening the downloaded viewer.jnlp). The screenshot shows the "Connection failed." message I got. I this on tested this in various combinations, with two R610 as iDRAC "server", and connecting to the them from windows and macos systems. Finally I found a macbook with an older Java and there it still works. Any known cure? Otherwise it would be a service call since my machines are in ProSupport. Thanks in advance, Peter Peter Holl PNSensor GmbH Otto-Hahn-Ring 6 80798 M?nchen -------------- next part -------------- A non-text attachment was scrubbed... Name: Screen Shot 2018-05-10 at 1.26.25 PM.png Type: image/png Size: 16382 bytes Desc: not available URL: <http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.png <http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.png>> -------------- next part -------------- A non-text attachment was scrubbed... Name: peter_holl.vcf Type: text/x-vcard Size: 361 bytes Desc: not available URL: <http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.vcf <http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20180510/5c526396/attachment.vcf>> ------------------------------ Subject: Digest Footer _______________________________________________ Linux-PowerEdge mailing list [email protected] <mailto:[email protected]> https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge> ------------------------------ End of Linux-PowerEdge Digest, Vol 168, Issue 7 *********************************************** _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
<<attachment: peter_holl.vcf>>
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
