error when reading from SSL socket connection
So the openjdk in most linux distros has now been upgraded to v1.8. This has a good bug fix regarding the whole SSLv3 Poodle vulnerability.
This has one problem. The Dell DRAC remote management cards installed in a lot of Dell servers relies on SSLv3 to operate. Without this, you can get into the web interface – but when you get an error stating Error when reading from SSL socket connection and no further.
Thankfully, it is simple to re-enable SSLv3 to allow the connection to succeed.
Open up /usr/lib/jvm/*/jre/lib/security/java.security in your favourite editor as root, and change the following line:
This enables SSLv3 to all java applications – however it exposes yourself to the MITM attack as defined in CVE-2014-3566. I suggest having a read of the CVE to understand if you want to leave this setting as default on your system or disable it again afterwards.
The corresponding file (at least on my install) for Windows is at C:\Program Files (x86)\Java\jre1.8.0_31\lib\security\java.security .
The jdk.tls.disabledAlgorithms line that needs to be commented out is at the bottom of the file. I agree that Dell needs to update the DRAC5 to support newer ciphers..