Installation Manual

Modifying the AES/DES encryption setting
Prerequisites
Configure iLO Settings privilege
Modifying the AES/DES encryption setting
1. Navigate to the Administration→Security→Encryption page.
2. Change the Enforce AES/3DES Encryption setting to Enabled or Disabled.
3. To end your browser connection and restart iLO, click Apply.
It might take several minutes before you can re-establish a connection.
When changing the Enforce AES/3DES Encryption setting to Enabled, close all open
browsers after clicking Apply. Any browsers that remain open might continue to use a
non-AES/3DES cipher.
Connecting to iLO by using AES or 3DES encryption
After you enable the Enforce AES/3DES Encryption setting, iLO requires that you connect
through secure channels (web browser, SSH connection, or XML channel) by using an AES/3DES
cipher.
Web browser—You must configure the browser with a cipher equal to or greater than
AES/3DES. If the browser is not using AES or 3DES ciphers, iLO displays an error message.
The error text varies depending on the installed browser.
Different browsers use different methods for selecting a negotiated cipher. For more
information, see the browser documentation. Log out of iLO through the current browser
before changing the browser cipher setting. Any changes made to the browser cipher setting
while you are logged in to iLO might enable the browser to continue using a non-AES/3DES
cipher.
SSH connection—For instructions on setting the cipher to use, see the SSH utility
documentation.
XML channel—HPQLOCFG uses a secure 3DES cipher by default. For example,
HPQLOCFG displays the following cipher in the XML output:
Connecting to Server...
Negotiated cipher: 128–bit Rc4 with 160–bit SHA1 and 2048–bit RsaKeyx
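The following added example (not part of the HP documentation) parses "Negotiated cipher" lines from saved HPQLOCFG output and checks each against the AES/3DES requirement; it flags the RC4 cipher shown in the sample above. The function names, the second sample record, and the cipher-name tokens used for matching are assumptions.

```python
import re
import socket
import ssl

# Constructed sample: the first record is the HPQLOCFG output quoted above;
# the second "Aes" record is made up to show a passing case.
SAMPLE = """Connecting to Server...
Negotiated cipher: 128\u2013bit Rc4 with 160\u2013bit SHA1 and 2048\u2013bit RsaKeyx
Connecting to Server...
Negotiated cipher: 256-bit Aes with 160-bit SHA1 and 2048-bit RsaKeyx
"""

# Accept an ASCII hyphen or an en dash between the key size and "bit".
LINE = re.compile(r"Negotiated cipher:\s*(\d+)\s*[-\u2013]\s*bit\s+(\w+)", re.I)


def meets_policy(cipher_name):
    """True if the bulk cipher is AES or 3DES. The tokens are assumptions:
    "3DES" for HPQLOCFG-style names, "CBC3" for OpenSSL's DES-CBC3-SHA."""
    name = cipher_name.upper()
    return any(token in name for token in ("AES", "3DES", "CBC3"))


def audit_hpqlocfg(text):
    """Return (key_bits, cipher, ok) for every 'Negotiated cipher' line."""
    return [(int(m.group(1)), m.group(2), meets_policy(m.group(2)))
            for m in LINE.finditer(text)]


def live_cipher(host, port=443, cafile=None):
    """Open a TLS session to an iLO web interface and report its cipher.
    Needs network access; cafile is the CA that signed the iLO certificate."""
    ctx = ssl.create_default_context(cafile=cafile)
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            name = tls.cipher()[0]
    return name, meets_policy(name)


if __name__ == "__main__":
    for bits, cipher, ok in audit_hpqlocfg(SAMPLE):
        print(f"{bits}-bit {cipher}: {'ok' if ok else 'NOT AES/3DES'}")
```

Run audit_hpqlocfg over captured HPQLOCFG logs after enabling the setting; live_cipher checks the web interface directly and keeps certificate verification on.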
Configuring a FIPS-validated environment with iLO
Use the following instructions to operate iLO in a FIPS-validated environment. To use FIPS mode,
see “Enabling FIPS mode” (page 87).
To set up an environment with a FIPS-validated version of iLO, follow the steps in the Security
Policy document that was part of the iLO FIPS validation process. The validated Security Policy
document is available on the NIST website at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm.
The iLO FIPS information is listed under certificate 2574.
Enabling FIPS mode
Use this procedure to operate iLO in FIPS mode. To configure iLO in a FIPS-validated
environment, see “Configuring a FIPS-validated environment with iLO” (page 87).
Prerequisites
Configure iLO Settings privilege