Search This Blog

Loading...

Sunday, February 22, 2015

Exadata Database Machine Licensing

https://docs.oracle.com/cd/E15584_01/license.112/e25431/toc.htm


Saturday, February 21, 2015

Oracle Partitioning Policy (including Engeneered systems)

The X5 Exadata allow implemented the virtualization technologies (Oracle VM) to separate the partitions.Partitioning occurs when the CPUs on a server are separated into individual sections where each section acts as a separate system.The purpose of this policy document is to define which of these partitioning technologies are eligible and under what conditions Oracle permits them:







 

And:   Solaris is not supported on Exadata X5 anymore !

Tuesday, January 27, 2015

ILOM Java problem: "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"


After Java update to 8.1_31 the ILOM Remote Console was not working:



"No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"

Solution:
There are 3 areas where can be the root of problem:

  • Server ILOM properties 
  •  Internet Explorer properties
  • Java properties
The server properties can be found in ILOM/ ILOM Administration / Management Access :
 
 


The Internet Explorer properties:


 

For English readers: I enabled all the protocols:
SSL 2.0
SSL 3.0
TLS 1.0
TLS 1.1
TLS 1.2

So, there are 5 protocols were enabled between ILOM and IE.

But “No appropriate protocol ...” still appeared on monitor.

The last point was editing $JAVA_HOME/jre/lib/security/java.security file.
I had to comment:  jdk.tls.disabledAlgorithms=SSLv3 
 
Despite 5 protocols between ILOM and IE they selected the SSLv3 only !
But, accidentally that it was SSLv3 who was banned by Java !

The sections for jdk.tls.disabledAlgorithms=SSLv3  parameter:

# Algorithm restrictions for Secure Socket Layer/Transport Layer Security
# (SSL/TLS) processing
#
# In some environments, certain algorithms or key lengths may be undesirable
# when using SSL/TLS.  This section describes the mechanism for disabling
# algorithms during SSL/TLS security parameters negotiation, including
# protocol version negotiation, cipher suites selection, peer authentication
# and key exchange mechanisms.
#
# Disabled algorithms will not be negotiated for SSL/TLS connections, even
# if they are enabled explicitly in an application.
#
# For PKI-based peer authentication and key exchange mechanisms, this list
# of disabled algorithms will also be checked during certification path
# building and validation, including algorithms used in certificates, as
# well as revocation information such as CRLs and signed OCSP Responses.
# This is in addition to the jdk.certpath.disabledAlgorithms property above.
#
# See the specification of "jdk.certpath.disabledAlgorithms" for the
# syntax of the disabled algorithm string.
#
# Note: This property is currently used by Oracle's JSSE implementation.
# It is not guaranteed to be examined and used by other implementations.
#jdk.tls.disabledAlgorithms=SSLv3

 Now Remote Console works !

You can see the Java console and Java version 8.1_31 at left
and Remote Console Window at right:


The only Java 8.1_31 is installed :