[Linux-PowerEdge] VMCLI - SSLv3 Handshake

Rajesh_Z_Patel at Dell.com Rajesh_Z_Patel at Dell.com
Mon Sep 19 23:17:36 CDT 2016


+Doug and Ajay

Hi Pablo,
Which iDRAC version are you using? There were changes around SSL/TLS with recent iDRAC releases.

Regards,
Rajesh

From: linux-poweredge-bounces-Lists On Behalf Of Pablo Ilarragorri
Sent: Tuesday, September 20, 2016 12:12 AM
To: linux-poweredge-Lists <linux-poweredge at lists.us.dell.com>
Subject: [Linux-PowerEdge] VMCLI - SSLv3 Handshake

Hi,

I've started to encounter the following error while trying to run vmcli against several iDRACs.

Error: SSL Connection error
139702341482120:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:744:

The iDRAC ssl config seems correct (enforcing tls)

Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384

I've tried with auto-negotiate on the idrac side, no luck so far.

As far as I understand, it seems that vmcli is not capable of understanding TLS and fails the connection to the iDRAC.

My vmcli version

Name        : srvadmin-idrac-vmcli
Arch        : x86_64
Version     : 8.3.0
Release     : 1908.9058.el6

[]# vmcli -v
iDRAC Virtual Media Command Line Interface. Version: 2.00.00.22110

Is ther any workaround for this? Am I doing something wrong on my end?

Regards!



___________________________________
The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. EY is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20160920/59d3380d/attachment.html 


More information about the Linux-PowerEdge mailing list