Unsolved
This post is more than 5 years old
4 Posts
0
1404
How to encrypt WS-MAN traffic
Not for sure if this has already been discussed, my apologies if so.
I work in a DOD environment where my OME server needs to be STIG'd. Part of the STIG's will not allowing unencrypted WinRM traffic. I have been trying to research a way to configure iDRAC to encrypt the ws-man traffic during inventory and discovery, as well as out-of-band updating. Just not for sure how to properly set this up. Any help is appreciated!
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 19th, 2017 09:00
All communication between iDRAC and Winrm is always encrypted. If required, you can configure various SSL configuration and TLSprotocol setting on iDRAC
Zachary089
4 Posts
0
September 19th, 2017 14:00
When I have the STIG's applied, OME will only recognize iDRAC as 'unknown.' If I back out these settings, iDRAC is discovered properly. I need to figure out a way for the iDRAC to speak to OME with these STIG settings applied. I may be going down the wrong path but I have signed certs loaded, TLS configured for 1.1 and above, with the firmware of 2.41.40.40
Is there something I am overlooking?
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 26th, 2017 08:00
Can you flash iDRAC to 2.50.50.50 (Link) and check the behavior. This FW have option to configure SSL Encryption and TLS protocol setting on iDRAC. You can set these higher level and check whether it fix the issue