After upgrading Java to version 8u171 the Java KVM client provided by my Dell BMC's web interface stopped working. The only error message is "Connection failed."
I'm using the BMC on a PowerEdge C6220, but other models may also be affected.
What's going on and how can I fix it?
This is because Java 8u171 disables the use of the 3DES_EDE_CBC cipher when making TLS connections. Apparently the client (or the BMC itself) is incapable of using more modern ciphers, even with the most recent firmware.
You can reconfigure Java by editing the java.security file. This can be found in lib\security (Java 8 or earlier) or in conf\security (Java 9 or later). You need to remove 3DES_EDE_CBC from the setting for jdk.tls.disabledAlgorithms.
For example, the default setting in Java 8u171 is
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
To re-enable 3DES_EDE_CBC, this needs to be changed to
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40
Java documents this here, under the title "Disable the TLS 3DES cipher suites".