Cannot upgrade firmware on the servers in any way CIFS(v2) or HTTPS

Question

Hello,

I'm struggling with updating the firmware on 16th generation servers from OME. No matter what type of built-in share I choose:

HTTPS - RED137: Unable to transfer the file because initial network connection to the remote host server is not started.

CIFS(v2) - RED016: Mount of remote share failed

No matter what I set in the OME settings, i.e. how the servers are to connect to OME, whether by IP or FQDN.

The FQDN address of the OME server has its own A record in the internal AD DNS, and the DNS addresses are set in the IDRAC of the servers.

I have restarted the servers and IDRAC multiple times, and restarted the OME software - without success.

I also updated OME to version 4.5.1.

And now, most importantly, both the servers and OME are on the same LAN, with no firewall between them.

Do I need to export the OME server certificate for an HTTPS connection and import this certificate into the IDRAC servers?

Can anyone tell me why it's not working?

DELL-Marco B · Answer

Hello,

you dont need to export the ceritificate, the error is about network or protocol issue, not certificate.

Try to check update job log in OME. Does it fail on the download or the push of the firmware update?

Try to check proxy configuration.
Can you try to manually update the server throught the iDRAC?

Which port are you using?

Thanks

Tutek · Answer

With the CIFS (v2) share, when I push firmware update from OME, then on IDRAC side in Job Queue I have successive statuses:

1."New"

2."Downloading" which take minute or so with information like e.g. "RED110: Downloading the FOLDER13542637M_1_iDRAC-with-Lifecycle-Controller_Firmware_K2KHC_WN64_7.20.70.50_A00.EXE update package."

3.RED016: Mount of remote share failed.

Logs from the OME side is:

Running

Verifying if the device Service Tag is valid.

The device Service Tag is valid.

Starting communication with the device.

Update allowed in target, System Lockdown status = DISABLED

Checking Remote LC Services availability

Remote LC Services are ready now

performIDRACUpdate(): Attempting to initiate/stage iDRAC payload instance: DCIM:INSTALLED#iDRAC.Embedded.1-1#IDRACinfo

Initiated Status check for Job ID : JID_640089116730

Job state for JID_640089116730 is NEW

Job state for JID_640089116730 is DOWNLOADING

Job state for JID_640089116730 is FAILED

Mount of remote share failed.

Task Failed. Completed With Errors.

Proxy is disabled on the OME.

Yes, from IDRAC I can manually install updates without any problems.

DELL-Charles R · Answer

Hello,

HTTPS (RED137) and CIFS v2 (RED016):

HTTPS (RED137): OME uses its internal HTTPS share for firmware delivery. If iDRAC cannot establish a secure connection, it’s usually due to:

Certificate trust mismatch (iDRAC does not trust OME’s self-signed certificate).
DNS or IP resolution issues.

CIFS v2 (RED016): Indicates the remote share mount failed, often because:

SMBv2 is disabled on the OME appliance.
Incorrect credentials or share permissions.
Network name resolution issues.

Resolution steps:

For HTTPS Method

Yes, you need to export OME’s HTTPS certificate and import it into each iDRAC if you enforce certificate validation.
Alternatively, disable certificate validation in OME firmware update settings (less secure).
Steps:

In OME: Application Settings → Certificates → Export HTTPS certificate.
In iDRAC: Configuration → iDRAC Settings → Network/Security → Import Trusted Certificate.

For CIFS v2 Method

Ensure SMBv2 is enabled on OME appliance.
Verify share path and credentials.
Test connectivity from OME to the share using: *```bash mount -t cifs //\ /mnt

DNS and IP

Confirm iDRAC resolves OME FQDN correctly (ping from iDRAC SSH if enabled).
If DNS fails, use IP in OME settings.

Firewall/Ports

HTTPS requires port 443 open between iDRAC and OME.
CIFS requires ports 445 and 139.

I'm adding in some reference material that may help:

OpenManage Enterprise: How to Perform Firmware Updates

https://www.dell.com/support/kbdoc/en-au/000183965/how-to-create-perfom-firmware-updates-using-openmanage-enterprise

Dell OpenManage Enterprise 4.5 User's Guide

https://dl.dell.com/content/manual71515353-dell-openmanage-enterprise-4-5-user-s-guide.pdf?language=en-us

Tutek · Answer

For the HTTPS method:

I exported the OME certificate from the browser login screen and saved it as ome.cer. Unfortunately, there is no option to export the certificate in the location you specified in OME certificates.

Then, on the IDRAC side, there is no option to import the certificate, only to import the CA certificate, which does not apply to us.

So I imported the certificate manually into IDRAC and restarted it:

racadm -r idrac_ip -u root -p idrac_password sslcertupload -t 2 -f C:\ome.cer

But after repeating the installation via HTTPS, I get the same error (RED137).

DELL-Marco B · Answer

Hello,  in this case I suggest to call in our technical support in order to check and analyse the issue and find a resolution. Thanks

Tutek · Answer

For the CIFSv2 methow what I found:

test ports open to OME, from the server that is on the same network (ip addressing) like OME server:

PS C:\Users\Administrator> Test-NetConnection -ComputerName <ome_ip> -Port 445

WARNING: TCP connect to (<ome_ip> : 445) failed

PS C:\Users\Administrator> Test-NetConnection -ComputerName <ome_ip> -Port 139
WARNING: TCP connect to (<ome_ip> : 139) failed

How can I check if ports are open on the OME server, is there any SSH, CLI access to it?

DELL-Marco B · Answer

No, OME doesn’t allow SSH or direct CLI access. To check if ports are open, you need to test from another machine. Key ports for firmware updates: 443 (HTTPS), 445 (CIFS), and sometimes 80

Dell OpenManage Enterprise

Cannot upgrade firmware on the servers in any way CIFS(v2) or HTTPS

Was this post helpful?