Oracle ILOM error: ?No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"

book

Article ID: 42535

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

Depending on the ILOM configuration and the version of Java used on the local computer, a user might see the following error if trying to access an Oracle hardware appliances' Integrated Lights Out Manager (ILOM):

No appropriate protocol (protocol is disabled or cipher suites are inappropriate).

Cause

This is caused by an incompatibility between the Oracle ILOM and the Oracle Java versions run on the local computer with regards to the SSL/TLS protocols and cipher suites configured.

Environment

This occurs on Oracle hardware appliances. This does not affect virtual appliances nor software form factors.

Resolution

To get around the Oracle ILOM error, the administrator of the local computer accessing the ILOM must enable SSLv3 in the local Java environment. The following steps must be followed to do this:

  1. Make a backup copy of and then edit the local computer's java.security file with a text editor. Sample file location:
    C:\Program Files (x86)\Java\jre1.8.0_65\lib\security\java.security
  2. Change this line:

  3. jdk.tls.disabledAlgorithms=SSLv3

    to this:

    # jdk.tls.disabledAlgorithms=SSLv3

    and save the edited file. This will comment out the line which was disabling SSLv3, thus enabling SSLv3.

Note: It is possible to configure the ILOM to use TLS 1.0, 1.1, and/or 1.2.  For details, please see the Oracle documentation. The Oracle documentation includes references to firmware version 3.2.4.