Unsolved
This post is more than 5 years old
4 Posts
0
1134
How to encrypt WS-MAN traffic
Not for sure if this has already been discussed, my apologies if so.
I work in a DOD environment where my OME server needs to be STIG'd. Part of the STIG's will not allowing unencrypted WinRM traffic. I have been trying to research a way to configure iDRAC to encrypt the ws-man traffic during inventory and discovery, as well as out-of-band updating. Just not for sure how to properly set this up. Any help is appreciated!
Thanks,
Zac
DELL-Shivendra K
685 Posts
0
August 30th, 2017 02:00
Hi Zac,
From OME point of view, encrypted traffic is allowed. You need to ensure following winrm configuration is met:
>winrm get winrm/config/client
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = false
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 5985
HTTPS = 5986
TrustedHosts
To enable from iDRAC side, I would request you to cross-post this query on general forum below:
en.community.dell.com/.../4469
Zachary089
4 Posts
0
August 30th, 2017 14:00
Thanks for the quick response! I will head over to the other forum to discuss the encrypted traffic from iDRAC.
Thanks!