After Java update to 8.1_31 the ILOM Remote Console was not working:
"No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"
There are 3 areas where can be the root of problem:
- Server ILOM properties
- Internet Explorer properties
- Java properties
The server properties can be found in ILOM/ ILOM Administration / Management Access :
The Internet Explorer properties:
For English readers: I enabled all the protocols:
So, there are 5 protocols were enabled between ILOM and IE.
But “No appropriate protocol ...” still appeared on monitor.
The last point was editing $JAVA_HOME/jre/lib/security/java.security file.
I had to comment: jdk.tls.disabledAlgorithms=SSLv3
Despite 5 protocols between ILOM and IE they selected the SSLv3 only !
But, accidentally that it was SSLv3 who was banned by Java !
The sections for jdk.tls.disabledAlgorithms=SSLv3 parameter:
# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
# (SSL/TLS) processing
# In some environments, certain algorithms or key lengths may be undesirable
# when using SSL/TLS. This section describes the mechanism for disabling
# algorithms during SSL/TLS security parameters negotiation, including
# protocol version negotiation, cipher suites selection, peer authentication
# and key exchange mechanisms.
# Disabled algorithms will not be negotiated for SSL/TLS connections, even
# if they are enabled explicitly in an application.
# For PKI-based peer authentication and key exchange mechanisms, this list
# of disabled algorithms will also be checked during certification path
# building and validation, including algorithms used in certificates, as
# well as revocation information such as CRLs and signed OCSP Responses.
# This is in addition to the jdk.certpath.disabledAlgorithms property above.
# See the specification of "jdk.certpath.disabledAlgorithms" for the
# syntax of the disabled algorithm string.
# Note: This property is currently used by Oracle's JSSE implementation.
# It is not guaranteed to be examined and used by other implementations.
Now Remote Console works !
You can see the Java console and Java version 8.1_31 at left
and Remote Console Window at right:
The only Java 8.1_31 is installed :