iDRAC8 | UEFI0315 Error at POST after downgrading iDRAC8 firmware
Summary: Dell PowerEdge Server may get a UEFI0315 Error when the Secure boot is enabled and iDRAC firmware update has been performed. This article will provide steps to resolve the issue.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
This article provides steps to resolve PowerEdge Server get a UEFI0315 Error when the Secure boot is enabled and during update iDRAC firmware.
Table of Contents
1.Symptom
After downgrading iDRAC8 firmware from 2.70.70.70 release, Dell EMC PowerEdge 13G servers may stop at POST with an UEFI0315 Error Banner. The error persists on each HOST reboot/ power-on.
UEFI0315: Unable to process an iDRAC request to configure Secure Boot keys because of a communication error between BIOS and iDRAC…
Example of Lifecycle Controller Logs:
| UEFI0315 |
Unable to process an iDRAC request to configure Secure Boot keys because of a communication error between BIOS and iDRAC. |
This error banner is displayed when BIOS fails to receive an expected Secure Boot setting value during the Power-On Self-Test (POST) sequence. When iDRAC8 is downgraded from 2.70.70.70, this reading fails regardless of Secure Boot settings within server BIOS.
The Lifecycle Controller Logs of the iDRAC8 will record if the iDRAC8 firmware has changed. Searching for the event "PR36" will show the history of firmware updates that are applied to the server.
| PR36 |
Version change detected for Lifecycle Controller firmware. Previous version:2.70.70.70, Current version:2.61.60.60 |
2.Solution
iDRAC8 firmware 2.70.70.70 resolved an issue that was leading to this sighting randomly. Downgrading from the iDRAC8 2.70.70.70 is persistently causing the error to return. If the iDRAC8 firmware is confirmed to have been downgraded, this error is not an indication of faulty hardware.
Use one of the following methods to clear the condition from impacted servers.
-
Option 1: Update iDRAC8 to 2.70.70.70
Reinstalling iDRAC8 to firmware version 2.70.70.70 will restore the fix that corrects this condition. The server will need to be warm rebooted after the iDRAC firmware update completes.
iDRAC8 2.70.70.70 is available for download here.
-
Option 2: Reset Secure Boot Keys via Redfish API
If the server needs to remain on downgraded iDRAC8 firmware, the Secure Boot Keys of the system BIOS need to be reset. Redfish API is the only method to modify this setting. Follow the instructions below to modify the /redfish/v1/Systems/System.Embedded.1/SecureBoot/Actions/SecureBoot.ResetKeys value.
Warning: Resetting Secure Boot Keys is destructive for any configurations that are using the Secure Boot feature. Back up keys through the BIOS menu before proceeding.
Secure Boot Policy setting needs to be set to Custom attempting to reset Secure Boot Keys. Secure Boot can either be Enable or Disabled.
F2 System Setup >> System BIOS >> System Security >> Secure Boot:
Note: Secure Boot is Disabled by default. In Legacy BIOS Boot Mode, the Secure Boot setting is not configurable.
Note: Lifecycle Controller will need to collect system inventory on restart after making any changes to the Secure Boot settings in BIOS. Boot server into Operating System before sending Redfish Post command.
Postman App was used in the following examples. Define the following fields in the application before sending the Redfish POST command.
Post URL Bar:
- Select POST from the action dropdown menu.
- Enter URL Bar: https://iDRAC_IP/redfish/v1/Systems/System.Embedded.1/SecureBoot/Actions/SecureBoot.ResetKeys
Authorization Tab:
- Type: Basic Auth
- Username: iDRAC user
- Password: iDRAC User Password
Headers Tab:
- Key: Content-Type
- Value: application/json
Body Tab:
- Select the raw radio button.
- Add {"ResetKeysType":"ResetAllKeysToDefault"} to text field
- Click "Send" when all fields have been populated.
3.Confirming Result
If the Redfish post command was successful, Postman will show similar messaging in the Response field:
{
"@Message.ExtendedInfo": [
{
"Message": "Successfully Completed Request",
"MessageArgs": [],
"MessageArgs@odata.count": 0,
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"RelatedProperties@odata.count": 0,
"Resolution": "None",
"Severity": "OK"
},
{
"Message": "The operation successfully completed.",
"MessageArgs": [],
"MessageArgs@odata.count": 0,
"MessageId": "IDRAC.1.6.SYS413",
"RelatedProperties": [],
"RelatedProperties@odata.count": 0,
"Resolution": "No response action is required.",
"Severity": "Informational"
}
]
}
Note: The server will need to be rebooted after successfully resetting Secure Boot Keys.
Cause
-
Resolution
-
Affected Products
iDRAC7/8 with Lifecycle Controller Version 2.63.60.61, iDRAC8 with Lifecycle Controller version 2.70.70.70Article Properties
Article Number: 000177187
Article Type: Solution
Last Modified: 29 Nov 2021
Version: 5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.