Dell NativeEdge: How To Verify Connectivity to Dell Public Rendezvous Server

Summary: NativeEdge Endpoints onboard to NativeEdge Orchestrator (NEO) using the Dell Public Rendezvous (RV) server when they have access to the Internet. This article explains how to troubleshoot RV connectivity issues. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

The Dell RV Server is a publicly accessible secure site that is involved in the transmission of vouchers. A NativeEdge Endpoint, when onboarding, looks up the RV Server, handshakes, and completes the onboarding process.

Recommendations for troubleshooting:

  • Download the attached Concise Binary Object Representation (CBOR) msg30_pkb.zip file from the attachments on this article
  • Extract the msg30.cbor file on a system that has Internet access and can use CURL
  • Run the following command:

Orchestrator online (Internet access)

curl -v -H "Content-Type: application/cbor" -H "User-Agent: fdo" --data-binary "@msg30.cbor" https://rv.dell.com/fdo/101/msg/30

Expected output:

  Trying 143.166.28.30:443...
Connected to rv.dell.com (143.166.28.30) port 443 (#0)
ALPN, offering h2
ALPN, offering http/1.1
 CAfile: /etc/ssl/certs/ca-certificates.crt
 CApath: /etc/ssl/certs
TLSv1.0 (OUT), TLS header, Certificate Status (22):
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.3 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.2 (IN), TLS handshake, Certificate (11):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.2 (IN), TLS handshake, Server key exchange (12):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.2 (IN), TLS handshake, Server finished (14):
TLSv1.2 (OUT), TLS header, Certificate Status (22):
TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
TLSv1.2 (OUT), TLS header, Finished (20):
TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
TLSv1.2 (OUT), TLS header, Certificate Status (22):
TLSv1.2 (OUT), TLS handshake, Finished (20):
TLSv1.2 (IN), TLS header, Finished (20):
TLSv1.2 (IN), TLS header, Certificate Status (22):
TLSv1.2 (IN), TLS handshake, Finished (20):
SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
ALPN, server did not agree to a protocol
Server certificate:
 subject: C=US; ST=Texas; L=Round Rock; O=Dell Technologies Inc.; CN=*.apis.dell.com
 start date: Oct 16 00:00:00 2024 GMT
 expire date: Nov 16 23:59:59 2025 GMT
 subjectAltName: host "rv.dell.com" matched cert's "rv.dell.com"
 issuer: C=US; O=DigiCert Inc; CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
 SSL certificate verify ok.
TLSv1.2 (OUT), TLS header, Supplemental data (23):
> POST /fdo/101/msg/30 HTTP/1.1 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> Host: rv.dell.com
> User-Agent: curl/7.81.0
> Accept: /
> Content-Type: application/cbor
> Content-Length: 22
>
TLSv1.2 (IN), TLS header, Supplemental data (23):
Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Server: Dell
< Date: Thu, 01 May 2025 10:46:04 GMT
< Content-Type: application/cbor
< Content-Length: 22
< Connection: keep-alive
< X-Correlation-ID: f31fe5e7-80fb-42a2-ab25-36407b865803
< Authorization: Bearer 0oREoQE4IqBYTacBY3J2cwJjdG8xA2NmZG8EGmgTUSgFGmgTUOwGGmgTUOwHWCiCglDq1woPL9xJ+qmoXvrDWGHmgjgiQFCC9Da8qWJGRZW80AbOGC7IWGAltbUnQgHBeTAB7AhrTZKsh64utf7ELY0iVhe+ZoK90Ma+tMYK24n27gkKNS7gBeZdX51+Jlq+x+xc0DY6X7W0vx0Zyk8ClGYRea2gk4W22TrDJydtUAUC+8MpiWOfIaA=
< Message-Type: 31<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
< Strict-Transport-Security: max-age=63072000; includeSubDomains
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
< X-Xss-Protection: 1; mode=block
<

Orchestrator Air-gapped (no Internet access)

  • The curl -k flag ignores certificate check.
  • Host running the CURL command must be able resolve the rv server (through a DHCP entry, or locally).
  • The IP of the rv server may be used in place of rv.local.edge, if resolution is not available.
curl -k -v -H "Content-Type: application/cbor" --data-binary "@msg30.cbor" https://rv.local.edge/fdo/101/msg/30

Expected output:

* Host rv.local.edge:443 was resolved.
* IPv6: (none)
* IPv4: 172.28.1.100
*   Trying 172.28.1.100:443...
* Connected to rv.local.edge (172.28.1.100) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / id-ecPublicKey
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=orchestrator.domain.com
*  start date: Jun 16 09:50:36 2025 GMT
*  expire date: Jun  9 08:50:41 2055 GMT
*  issuer: O=DELL-EDGE; CN=eo.edge.dell.com
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
*   Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
* using HTTP/1.x
> POST /fdo/101/msg/30 HTTP/1.1
> Host: rv.local.edge
> User-Agent: curl/8.5.0
> Accept: */*
> Content-Type: application/cbor
> Content-Length: 22
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 200
< Server: nginx/1.25.4
< Date: Thu, 31 Jul 2025 12:12:58 GMT
< Content-Type: application/cbor
< Content-Length: 22
< Connection: keep-alive
< Authorization: Bearer 0oREoQE4IqBYTacBY3J2cwJjdG8xA2NmZG8EGmiLXgYFGmiLXcoGGmiLXcoHWCiCglDq1woPL9xJ+qmoXvrDWGHmgjgiQFChbTZ5Sw9PAZF+6dEMjeEmWGA58QTMFctxVT35hc1cp2TygR9KMN+ncVIHN35D1RB3qvhYdQBkp43l6TeYc10XfPvpBUmef7rIdKgV9JKHUrcudTCBpqqsc6XUkvVw4TBL2OeZnZNq4iLpFgZqITde4zs=
< Message-Type: 31
<
* Connection #0 to host rv.local.edge left intact

In the above example result, these are areas of interest:

HTTPS Request

> POST /fdo/101/msg/30 HTTP/1.1
> Host: rv.dell.com
> User-Agent: curl/7.81.0
> Accept: /
> Content-Type: application/cbor
> Content-Length: 22
  • The system is sending 22 bytes of binary CBOR data from msg30.cbor.
  • This is the FIDO Device Onboard (FDO) protocol's message 30, TO1.HelloRendezvous or similar in the onboarding flow

HTTPS Response

< HTTP/1.1 200
< Content-Type: application/cbor
< Content-Length: 22
< Message-Type: 31
< Authorization: Bearer ...
  • Authorization: Bearer…: Server issues a bearer token — this is FDO Message 31, TO1.HelloRendezvousAck
  • Message-Type: 31: Confirms the message type in the FDO exchange

Additional Information

More information about messages HelloRV (Type 30) and HelloRVAck (Type 31) is available at the FDO Specification: https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-PS-v1.1-20220419/FIDO-Device-Onboard-PS-v1.1-20220419.html#TO1HelloRVThis hyperlink is taking you to a website outside of Dell Technologies.

Affected Products

NativeEdge Solutions, NativeEdge

Attachments

msg30_pkb_en_US_1.zip

Article Properties
Article Number: 000319166
Article Type: How To
Last Modified: 19 كانون الثاني 2026
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.