{{tag>java idrac kvm ilo}}

====== Connecting to server KVM console via java ======
If you're having issues connecting to server console because of old java version running on the server via a command like this 

  /usr/lib/jvm/jre1.8.0_361/bin/javaws 'viewer.jnlp(82.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx)'

and you get security warnings regarding certificates or algorithms, there are several options to try.

===== Whitelist the IP =====
Run the

  /usr/lib/jvm/jre1.8.0_361/bin/jcontrol
  
Navigate to //Security// tab and put the https endpoint in //Exception Site List//.

===== Comment out the algorithms =====
Edit the //java.security// file for your java installation e.g ///usr/lib/jvm/jre1.8.0_361/lib/security/java.security// and comment the

  jdk.jar.disabledAlgorithms=
  jdk.tls.disabledAlgorithms=

2 lines.

Try conecting again.

===== denyAfter constraint check failed: SHA1 used with Constraint date: =====
Above can be fixed by setting the "jdk.certpath.disabledAlgorithms" in ///usr/lib/jvm/jre1.8.0_361/lib/security/java.security// to:

  jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
  RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
  include jdk.disabled.namedCurves


====== Tested on ======
  * Dell Poweredge R210 server java KVM console
  * jre1.8.0_361

====== See also ======
  * [[install_oracle_java_8_debian_9_stretch|Install Oracle java 8 on Debian 9 (Stretch)]]

====== References ======
  * https://www.youtube.com/watch?app=desktop&v=OSsuqMSBnwQ
  * https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0101395