I'm currently using Cisco IMC PowerTools 126.96.36.199, and I'm attempting to connect to a C-Series. I'm able to successfully connect to the C-Series when I use the Cisco IMC PowerTools powershell window, however, when I import the Cisco.IMC module through a normal powershell session, I'm not able to connect to that C-Series.
I get the error message "300:The request was aborted: Could not create SSL/TLS secure channel..".
Is there a flag or something that I need to set to allow me to connect to this C-Series?
Can you please check what it the value of InvalidCertificateAction by running the Get-UcsPowerToolConfiguration cmdlet from the stand alone powershell window. By default we will be setting it to Ignore. You can change this setting by using the below cmdlet
Set-UcsPowerToolConfiguration -InvalidCertificateAction Ignore -Force
Thanks, but it looks like InvalidCertificateAction is set to ignore.
I also attempted to regenerate the self-signed cert, and now I get the same error message through Cisco IMC Powertools Powershell session as well as the standalone powershell session with Cisco.IMC module imported.
Can you please share the version of the Cisco IMC that you are trying to connect to.
Cisco IMC 3.0(1) release XMLAPI uses TLS 1.2 version which is not supported in UCS PowerTool Suite 188.8.131.52. The release with support for TLS 1.2 and the new features of IMC 3.0(1c) was released in February 2017, version 184.108.40.206
There are 2 options either you upgrade to the latest version of the PowerTool (220.127.116.11)
or use the below code snippet before you make any connection to the IMC.
[System.Net.ServicePointManager]::SecurityProtocol =[System.Net.SecurityProtocolType]::Ssl3 -bor [System.Net.SecurityProtocolType]::Tls -bor [System.Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12
Hope this helps. Let me know if you need further help on this.
I have a customer hitting the same thing. They have upgraded to the latest version of UCS powertools and still get the SSL issue.
I was able to test in my lab without an issue.
We tried regenerating the cert on the server and also verified we could putty in from this server to take a Firewall issue out of the mix.
What is the .NET version in customer environment? It is recommended to update the .NET version to 4.6 and above. If upgrading .NET to latest is not resolving the issue you can ask customer to log a case with Cisco support. We can take a look at the issue and analyse further on this.