Smoogen, I just tested commenting out "jdk.jar.disabledAlgorithms" and connecting to the iDRAC Remote Console now works on Java 8 Update 162.
Depending on your distro the path to the java.security file might be different from /usr/lib/jvm/java-openjdk/jre/lib/security/java.security I'm running a Debian derivate and it symlinks from /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security to /etc/java-8-openjdk/security So the ball is back to Dell. The compromising elements that the iDRAC6 still relies on is either a 1024 certificate key, MD5 or MD2. On Thu, May 10, 2018 at 11:45 AM, Patrick Boutilier <[email protected]> wrote: > On 05/10/2018 12:37 PM, Stephen John Smoogen wrote: > >> On 10 May 2018 at 09:57, Patrick Boutilier <[email protected]> wrote: >> >>> On 05/10/2018 10:34 AM, lejeczek wrote: >>> >>>> >>>> >>>> >>>> On 09/05/18 22:34, R S wrote: >>>> >>>>> >>>>> Is there a mechanism that prevents me to downgrade from v6.5.0 back to >>>>> v6.4.0 on a R710/T710? I downgraded the iDRAC from 2.90 to v2.80 and >>>>> the >>>>> 'Connection Failed' issue is still there, so I'm trying to downgrade >>>>> the >>>>> BIOS. >>>>> >>>> >>>> >>>> I've just downgraded back to 3.2.2 on one r815 and it seems that it >>>> actually might be iDrac6 =! new Java. >>>> >>>> I wonder if users of newer iDracs also experience this problem? >>>> >>> >>> >>> Newer iDRACs can use html5 instead of java plugin for the console. Not >>> sure >>> if it is the default but it is possible to change from Java to html5. >>> >>> >> I think that is only on the iDrac8 and some? iDrac7 so on an iDrac6 >> probably will not have it. >> > > Definitely no html5 with iDrac6. Only on newer iDracs. > > > > > > We found that the newest java puts in a > >> security fix to remove accepting weak encryption. >> >> the 'fix' was to edit >> /usr/lib/jvm/java-openjdk/jre/lib/security/java.security and comment >> out the "jdk.jar.disabledAlgorithms=" line. Not great.. but it got the >> newer javas to talk to the old consoles. >> >> I would also uncomment the line afterwords. >> >> > > _______________________________________________ > Linux-PowerEdge mailing list > [email protected] > https://lists.us.dell.com/mailman/listinfo/linux-poweredge > > -- Tech III * AppControl * Endpoint Protection * Server Maintenance Buncombe County Schools Technology Department Network Group ComicSans Awareness Campaign <http://comicsanscriminal.com>
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
