Go to main content

Oracle^® SuperCluster M8 and SuperCluster M7 Security Guide

Exit Print View

» ...Documentation Home » Oracle SuperCluster M8 and SuperCluster M7 ... » Oracle^® SuperCluster M8 and ... » Securing Oracle ILOM » Hardening the Oracle ILOM Security Configuration » Configure HTTP Redirection to HTTPS (Oracle ILOM)

Updated: June 2020

Oracle^® SuperCluster M8 and SuperCluster M7 Security Guide

Document Information

Using This Documentation

Understanding Security Principles

Reviewing the Default Security Configuration

Securing the Hardware

Securing Oracle ILOM

Log in to the Oracle ILOM CLI

Determine the Oracle ILOM Version

(If Required) Enable FIPS-140 Compliant Operation (Oracle ILOM)

Default Exposed Network Services (Oracle ILOM)

Hardening the Oracle ILOM Security Configuration

Disable Unnecessary Services (Oracle ILOM)

Configure HTTP Redirection to HTTPS (Oracle ILOM)

Disable Unapproved Protocols

Disable Unapproved TLS Protocols for HTTPS

Disable SSL Weak and Medium-Strength Ciphers for HTTPS

Disable Unapproved SNMP Protocols (Oracle ILOM)

Configure SNMP v1 and v2c Community Strings (Oracle ILOM)

Replace Default Self-Signed Certificates (Oracle ILOM)

Configure Administrative Browser Interface Inactivity Timeout

Configure the Administrative Interface Timeout (Oracle ILOM CLI)

Configure Login Warning Banners (Oracle ILOM)

Additional Oracle ILOM Resources

Securing the Compute Servers

Securing the ZFS Storage Appliance

Securing the Exadata Storage Servers

Securing the IB and Ethernet Switches

Auditing for Compliance

Keeping SuperCluster M8 and SuperCluster M7 Systems Secure

Language:

Configure HTTP Redirection to HTTPS (Oracle ILOM)

By default, the Oracle ILOM is configured to redirect incoming HTTP requests to the HTTPS service to ensure that all of the browser-based communications are encrypted between Oracle ILOM and the administrator.

On the management network, log in to Oracle ILOM.
See Log in to the Oracle ILOM CLI.

Verify that secure redirection is enabled.

-> show /SP/services/http secureredirect
/SP/services/https
Properties:
secureredirect = enabled

If the default has been changed, you can enable secure redirection.
```
-> set /SP/services/http secureredirect=enabled
```

Verify the setting by repeating Step 2.

Copyright © 2020, Oracle and/or its affiliates.