Not for sure if this has already been discussed, my apologies if so.
I work in a DOD environment where my OME server needs to be STIG'd. Part of the STIG's will not allowing unencrypted WinRM traffic. I have been trying to research a way to configure iDRAC to encrypt the ws-man traffic during inventory and discovery, as well as out-of-band updating. Just not for sure how to properly set this up. Any help is appreciated!
From OME point of view, encrypted traffic is allowed. You need to ensure following winrm configuration is met:
>winrm get winrm/config/client
Client NetworkDelayms = 5000 URLPrefix = wsman AllowUnencrypted = falseAuth Basic = true Digest = true Kerberos = true Negotiate = true Certificate = true CredSSP = falseDefaultPorts HTTP = 5985 HTTPS = 5986TrustedHosts
To enable from iDRAC side, I would request you to cross-post this query on general forum below:
Thanks for the quick response! I will head over to the other forum to discuss the encrypted traffic from iDRAC.