Search This Blog


Sunday, February 22, 2015

Exadata Database Machine Licensing

Saturday, February 21, 2015

Oracle Partitioning Policy (including Engeneered systems)

The X5 Exadata allow implemented the virtualization technologies (Oracle VM) to separate the partitions.Partitioning occurs when the CPUs on a server are separated into individual sections where each section acts as a separate system.The purpose of this policy document is to define which of these partitioning technologies are eligible and under what conditions Oracle permits them:


And:   Solaris is not supported on Exadata X5 anymore !

Tuesday, January 27, 2015

ILOM Java problem: "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"

After Java update to 8.1_31 the ILOM Remote Console was not working:

"No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"

There are 3 areas where can be the root of problem:

  • Server ILOM properties 
  •  Internet Explorer properties
  • Java properties
The server properties can be found in ILOM/ ILOM Administration / Management Access :

The Internet Explorer properties:


For English readers: I enabled all the protocols:
SSL 2.0
SSL 3.0
TLS 1.0
TLS 1.1
TLS 1.2

So, there are 5 protocols were enabled between ILOM and IE.

But “No appropriate protocol ...” still appeared on monitor.

The last point was editing $JAVA_HOME/jre/lib/security/ file.
I had to comment:  jdk.tls.disabledAlgorithms=SSLv3 
Despite 5 protocols between ILOM and IE they selected the SSLv3 only !
But, accidentally that it was SSLv3 who was banned by Java !

The sections for jdk.tls.disabledAlgorithms=SSLv3  parameter:

# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
# (SSL/TLS) processing
# In some environments, certain algorithms or key lengths may be undesirable
# when using SSL/TLS.  This section describes the mechanism for disabling
# algorithms during SSL/TLS security parameters negotiation, including
# protocol version negotiation, cipher suites selection, peer authentication
# and key exchange mechanisms.
# Disabled algorithms will not be negotiated for SSL/TLS connections, even
# if they are enabled explicitly in an application.
# For PKI-based peer authentication and key exchange mechanisms, this list
# of disabled algorithms will also be checked during certification path
# building and validation, including algorithms used in certificates, as
# well as revocation information such as CRLs and signed OCSP Responses.
# This is in addition to the jdk.certpath.disabledAlgorithms property above.
# See the specification of "jdk.certpath.disabledAlgorithms" for the
# syntax of the disabled algorithm string.
# Note: This property is currently used by Oracle's JSSE implementation.
# It is not guaranteed to be examined and used by other implementations.

 Now Remote Console works !

You can see the Java console and Java version 8.1_31 at left
and Remote Console Window at right:

The only Java 8.1_31 is installed :