[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-poweredge
Subject: [Linux-PowerEdge] DRAC Java virtual console broken due to disabling of SSLv3
From: Bond Masuda <bond.masuda () jlbond ! com>
Date: 2015-01-29 21:18:39
Message-ID: 54CAA3AF.6030609 () jlbond ! com
[Download RAW message or body]
I'm hoping this message serves 2 purposes: 1) help others who may
encounter the same problem and 2) notify Dell technical support of the
problem and perhaps motivate Dell to provide a better solution.
I have a few PE2900 gen 2 and gen 3 all with DRAC cards. I use the Java
virtual console quite a bit, especially for firmware updates and such.
Just this week, the Java virtual console application stopped working
across the board. (I use the Java virtual console because all my
machines are Linux, with Firefox) I've flashed to the latest firmware (I
believe 1.65) and the Java virtual console would give the error: "Error
when reading from SSL socket connection" and exit.
After some discussion at
http://en.community.dell.com/support-forums/servers/f/956/p/18394689/20722078#20722078,
found that the problem was that recent JDKs disabled SSLv3. This can be
re-enabled by editing the "java.security" file and commenting out the line:
jdk.tls.disabledAlgorithms=SSLv3
The location of the file depends on your Java installation. I have both
Oracle JDK and OpenJDK, and the files were located at:
/usr/java/jdk1.8.0_31/jre/lib/security/java.security
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.31-3.b13.fc21.x86_64/jre/lib/security/java.security
For anyone who doesn't know yet and would like to know why SSLv3 is
being disabled by default, see: http://en.wikipedia.org/wiki/POODLE
Would it be possible for Dell to provide a DRAC firmware update to solve
this problem the proper way instead of requiring end-users to re-enable
SSLv3?
Thanks,
-Bond
_______________________________________________
Linux-PowerEdge mailing list
Linux-PowerEdge@dell.com
https://lists.us.dell.com/mailman/listinfo/linux-poweredge
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic