My Oracle Support Banner

Client is able to connect TLS even after disabling the TLS version on the IB switch (Doc ID 2468528.1)

Last updated on OCTOBER 11, 2019

Applies to:

Sun Datacenter InfiniBand Switch 36 - Version All Versions and later
Sun Network QDR InfiniBand Gateway Switch - Version All Versions and later
Information in this document applies to any platform.

Symptoms

 Disabled all versions of TLS lesser than TLS1.2 on IB switches but client is still able to connect it using "openssl".

 openssl s_client -tls1 -connect  IP_Address:443

 

Ex:

IB Switch ILOM

/SP/services/https
Properties:
port = 443
servicestate = enabled
sessiontimeout = 15
tlsv1 = disabled
tlsv1_1 = disabled     <<    ------ 
tlsv1_2 = enabled

 

Even when the lower version of TLS is disabled on the IB switch the client is able to connect with TLS1 or TLS1_1 using the below command

openssl s_client -tls1 -connect IP_Address:443

openssl s_client -tls1_1 -connect IP_Address:443

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
 Purpose
 Troubleshooting Steps

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.