iDRAC6 Console connection error tried everything

Hello

The site is also added into the java security exception.

The error in the picture indicates that Java security is blocking the connection because the manifest is not present or not properly formatted.

If you enter the address into the Java security exceptions list then you should not encounter this type of error. Since you are experiencing this error after adding the site to the exception list it is most likely that the site was not entered correctly. The site address must match the URL exactly, this includes port numbers. When you start the console connection it should display the address you are connecting to. You need to enter that exact address into the exception list for the exception to work properly.

Thanks

Unfortunately i tried that too, i added basically all of the links in the exception list and i'm still getting the connection error.

I even turned off my firewall just in case and it's still not connecting.

It is an issue with either browser or Java security. I don't know all of the security exceptions and options changes within the browser and Java that will make it work.

I have a DRAC5 in my home lab that works fine with the latest Firefox browser and Java. I think I had to go into the developer options of FF to enable low encryption, and I think the only Java change I made was to add the URL to the exception list and put the exception list on high. It has been a long time since I configured it so I'm not sure of all the changes I had to make.

Browsers and applets like Java have had big security increases since Bitcoin has raised the bar for security due to the effect it has had on encryption standards. iDRACs that are still receiving updates are not compatible with the latest browsers. We do not release updates on the iDRACs as fast as the browsers and Java increase or change their security requirements. Most of our older DRACs/iDRACs have stopped receiving updates. Because of this you are going to need to either run and older browser and Java or find workarounds to disable/bypass the increased security features.

Thanks

I can understand what you are saying, i do have an older XP and java VM specifically for situations like this i will give a shot at when i get back home. But do you think i have to add the 5900 VNC port that is listed in the config?(it might be 5900 i don't remember exactly off the top of my head).

I feel like that may be a server port config but i am just curious if it matters on the computer, i'll have to try that too. As for the low security on firefox i tried FF and it was a little more buggy then IE, but i guess i can fool around with that too. I basically have IE setup to not use any security and if any very very low security for anything coming from the iDRAC.

Did you found the solution to this issue? I am having same problems with just one of my servers.

ActiveX is the right answer. You will still have to monkey around with the DRAC's and IE's settings:

1. Add the DRAC's IP to the trusted site list (Internet Options / Security).
2. Set security on trusted site list to low (Internet Options / Security)
3. Add the DRAC's IP to the compatibility view list
4. Login to the DRAC and select the configuration option of the virtual console. Set complement type to native.
5. Launch the virtual console.
6. Accept the UAC warning.

Oracle in it's frantic struggle to keep Java on the client side "safe" has broken a ton of hardware. So much for the "run anywhere" motto.

I resolved this issue by updating to the latest Java version, then opening the Java config utility and adding the exact IP address of my server to the security exceptions list, including port number: 

192.xxx.xxx.xxx:xxx

Also, I disabled Encrypted Console Video in iDRAC and applied the changes prior to trying to connect. 

Works great now!

In my experience, this all has to do with the java version. I uninstalled Java 8_171 and installed 7_79 and now my iDrac console works perfectly. This is not ideal because the older versions of Java are not secure. Not really sure what else we can do it about it when the iDrac6 doesn't work with newer versions. 

I have a separate VM that I run the older Java version in. I shut it down when not in use. 

Hi,

I've found that RC4 was the issue for me, removing RC4 from the jdk.tls.disabledAlgorithms entry in the java.security file re-enabled RC4. This is on an R610 with iDRAC 2.91 and Java 8 Update 181.

James

UptimePrime, what version did you use? I am on 1.8.0_181-b13 and have the same problem.

Hi James Harper

You where right on target !!!!

As soon as I removed RC4 from the disabled algorithms it connected with no problems !!!

By the way I have a R710, iDRAC6 on version 2.91 and Java 8 Update 181-b13

Thank you very much.

FYI, newer versions of java disable older encryption methods, some of which the older DRACs use:

re-enable SSv3 support on java

Go to Java installation folder.
Open {JRE_HOME}\lib\security\java.security -file in text editor.
Delete or comment out the following line "jdk.tls.disabledAlgorithms=SSLv3".

A copy&paste solution...

sed -e '/jdk\.tls\.disabledAlgorithms/s/, RC4//' -i /etc/java-*/security/java.security