Not for sure if this has already been discussed, my apologies if so.
I work in a DOD environment where my OME server needs to be STIG'd. Part of the STIG's will not allowing unencrypted WinRM traffic. I have been trying to research a way to configure iDRAC to encrypt the ws-man traffic during inventory and discovery, as well as out-of-band updating. Just not for sure how to properly set this up. Any help is appreciated!
All communication between iDRAC and Winrm is always encrypted. If required, you can configure various SSL configuration and TLSprotocol setting on iDRAC
When I have the STIG's applied, OME will only recognize iDRAC as 'unknown.' If I back out these settings, iDRAC is discovered properly. I need to figure out a way for the iDRAC to speak to OME with these STIG settings applied. I may be going down the wrong path but I have signed certs loaded, TLS configured for 1.1 and above, with the firmware of 184.108.40.206
Is there something I am overlooking?
Can you flash iDRAC to 220.127.116.11 (Link) and check the behavior. This FW have option to configure SSL Encryption and TLS protocol setting on iDRAC. You can set these higher level and check whether it fix the issue