- Community Home
- >
- Software
- >
- Software - General
- >
- Re: iLO 4 disable TLS v1.1 and 1.0
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-18-2021 08:43 AM
тАО05-18-2021 08:43 AM
Hello,
I am new to administering iLO platforms. Our client has iLO 4 installed running the latest firmware (2.78). Their security team has several requirements for changes we need to make, among them is disabling any older versions of TLS. So we should only allow TLSv1.2.
Is it possible to make this setting in the iLO Web interface? I can't find it anywhere. I did see some mention that I might need to do this from the Java Web Start app. However, when I try to access that in their test environment it says that I can't access it w/o a valid license.
I have tried to enter the Trial license but when I enter it I get a message that it has already been used.
If I can only make this change in the Java Web Start Remote Console is it possible to reset the trial license so that I can make the change that they need?
Thanks,
Rick Meyer - Bottomline Technologies.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-21-2021 05:50 AM
тАО05-21-2021 05:50 AM
SolutionHi
iLO is restricted to TLS v1.2 is enabled when IPS Mode or Enforce AES/3DES Encryption (https://support.hpe.com/hpesc/public/docDisplay?docId=c03334051 page 82)
Check page 86 https://www.ni.com/pdf/manuals/377263a.pdf for more info
Take a look at https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c05237563 before you enable it however
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-21-2021 07:43 AM
тАО05-21-2021 07:43 AM
Re: iLO 4 disable TLS v1.1 and 1.0
Hi Mike,
Thanks for the reply. One follow up question, the documentation on the first link you provided says :
iLO supports the following ciphers when FIPS Mode or Enforce AES/3DES Encryption is enabled and iLO is restricted to TLS version 1.2.
That makes it sound like restricting to TLS version 1.2 is a separate setting from enabling FIPS Mode or Enforcing AES/3DES Encryption. Is that true? Or does setting those automatically restrict the TLS version to 1.2?
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-24-2021 01:29 AM
тАО05-24-2021 01:29 AM
Re: iLO 4 disable TLS v1.1 and 1.0
Hi
Agreed it's not the best wording. TLS 1.2 is enabled when you turn on FIPS Mode or Enforce AES/3DES Encryption