
iDRAC 7 VNC with TLS on OS X

The Dell lights-out-manager (lom) provides the ability to view the “console” of the server, though if you are on OS X you are stuck with the Java edition of the console. Its performance is not the best, and battery life suffers while it is running.

Newer versions of iDRAC also provide a standard VNC server that connects to the same console, so you can use most (or all?) standard VNC clients to view the console.

You can find the setting to enable VNC under

Overview -> iDRAC Settings -> Network -> Services

SSL Encryption

If you access the iDRAC over a public network, you should enable SSL Encryption. This is where it gets complicated for standard VNC clients, though. In my experience, none of the VNC clients work with this enabled.

stunnel

To get around this, we can use stunnel to tunnel all VNC traffic over an SSL connection. First install stunnel; I recommend using Homebrew:

brew install stunnel

Then grab the certificate from the VNC server:

openssl s_client -connect <server>:<port>

The output includes the certificate in PEM format, among other things. Look for

-----BEGIN CERTIFICATE-----   
...  
-----END CERTIFICATE-----

and save it, including the BEGIN and END lines, to a file named, for example, yourserver-lom.pem

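then create a file called yourserver-stunnel.conf and put the following in it. CAfile on its own only loads the certificate; verifyPeer = yes is what makes stunnel refuse a server that presents any other certificate.

client = yes
foreground = yes
[vnc]
; the certificate saved above; the only one stunnel will accept
CAfile = yourserver-lom.pem
; without this line stunnel encrypts but does not check who it is talking to
verifyPeer = yes
accept = 127.0.0.1:1234
connect = <server>:<port>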

and start stunnel with

stunnel yourserver-stunnel.conf

Now you can hopefully use Chicken or your preferred VNC client to connect to localhost:1234 and you should be greeted with a password prompt.
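
The certificate and config steps above, collected into one script as an added example that is not part of the original post: it saves the certificate the server presents, prints its SHA-256 fingerprint so it can be compared with a value obtained over a channel you already trust, and writes a stunnel config that pins it. The function names and the script name pin-lom.sh are this example's own, and verifyPeer assumes a stunnel 5.x release that supports that option.

```shell
#!/bin/sh
# Added example: save the iDRAC VNC certificate, show its fingerprint and
# write a stunnel config pinned to it. Function names are this example's own.

# Print only the first PEM certificate block read from stdin, which in
# `openssl s_client` output is the certificate the server presented.
extract_first_cert() {
    awk '/-----BEGIN CERTIFICATE-----/ && !done { on = 1 }
         on { print }
         /-----END CERTIFICATE-----/ && on { on = 0; done = 1 }'
}

# $1 = name prefix (e.g. yourserver), $2 = <server>:<port>
write_stunnel_conf() {
    cat > "$1-stunnel.conf" <<EOF
client = yes
foreground = yes
[vnc]
CAfile = $1-lom.pem
verifyPeer = yes
accept = 127.0.0.1:1234
connect = $2
EOF
}

# $1 = name prefix, $2 = <server>:<port>
pin_lom_cert() {
    # </dev/null ends the session after the handshake instead of waiting for input
    openssl s_client -connect "$2" </dev/null 2>/dev/null \
        | extract_first_cert > "$1-lom.pem"
    # Stops here if no usable certificate was captured; otherwise prints what
    # is about to be trusted so it can be compared with a known-good value.
    openssl x509 -in "$1-lom.pem" -noout -subject -enddate -fingerprint -sha256 \
        || return 1
    write_stunnel_conf "$1" "$2"
}

# Only runs when called as: sh pin-lom.sh yourserver <server>:<port>
if [ "$#" -eq 2 ]; then
    pin_lom_cert "$1" "$2" && echo "now run: stunnel $1-stunnel.conf"
fi
```

If the iDRAC certificate is later replaced, stunnel will refuse the connection until the script is run again and the new fingerprint has been checked.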