supermicro

Reviving Remote Access to Legacy Supermicro Servers: A Technical Guide

Overcoming the challenges of accessing remote console on legacy Supermicro servers using OpenWebStart and specific Java versions, plus solving the mysterious "invalid session token" error with a creative BMC reset approach that preserves network connectivity.

Bartosz Maciejewski

5 min read
Reviving Remote Access to Legacy Supermicro Servers: A Technical Guide
Photo by Roman Spiridonov / Unsplash

In the world of server management, remote access capabilities are essential - especially when dealing with hardware located in distant data centers. Recently, I encountered an interesting challenge with an older but fully updated Supermicro X9DRW server. Despite its age, this workhorse continues to perform excellently in 2025, but accessing its remote console proved to be an adventure worth documenting.

The Challenge: Java Console Access in a Modern World

Supermicro's older BMC (Baseboard Management Controller) implementations rely on Java for their remote console functionality, specifically their JViewer application. As Java has evolved and browser support for Java applets has diminished, accessing these consoles has become increasingly difficult.

My initial attempts to connect to the BMC's web interface worked fine - I could log in and navigate the interface. However, when trying to launch the remote console via JViewer, I encountered multiple roadblocks.

Error-Filled Journey Through Java Compatibility

My journey began with numerous frustrating errors when attempting to use native Java installations without OpenWebStart.

Native Java JAR Signing Issues

When trying to use standard Java Web Start (javaws), I encountered signing verification errors:

com.sun.deploy.net.JARSigningException: Found unsigned entry in resource: http://[BMC-IP]:80/Java/release/JViewer.jar
    at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
    at com.sun.javaws.security.SigningInfo.check(Unknown Source)
    at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)

I even tried creating a permissive security policy file (policy.all) containing:

grant { permission java.security.AllPermission; };

And launching with:

javaws -J-Djava.security.policy=file:policy.all "path\to\jviewer.jnlp"

Initial OpenWebStart Attempts

My first attempts with stock OpenWebStart also failed with cryptic initialization errors:

net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize application. 
The application has not been initialized, for more information execute javaws from the command line.
    at net.sourceforge.jnlp.Launcher.createApplication(Launcher.java:593)
    at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:374)
    at net.sourceforge.jnlp.Launcher.access$300(Launcher.java:72)
    at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:661)

Finding the Right Java Combination

After several failed attempts with modern Java versions, I discovered that OpenWebStart paired with Java 1.8.0-262 OpenLogic - OpenJDK was the magic combination.

Here's how I got it working:

  1. Downloaded and installed OpenWebStart
  2. Obtained Java 1.8.0-262 from OpenLogic
  3. Imported this specific JDK into OpenWebStart

Interestingly, attempts to use even older Java versions (7 and even 6) failed because OpenWebStart wouldn't import these ancient JDKs.

# Command to check your java version if uncertain
java -version

# Expected output for working configuration
openjdk version "1.8.0_262"
OpenJDK Runtime Environment (build 1.8.0_262-b10)
OpenJDK 64-Bit Server VM (build 25.262-b10, mixed mode)

The "Invalid Session Token" Mystery

With Java finally configured correctly, JViewer would launch but immediately display an "invalid session token" error. This error message was particularly frustrating as it suggested authentication problems rather than the actual issue.

Digging deeper, I noticed that while the BMC web interface appeared functional (I could navigate menus and download the Java client), certain features like sensor readings weren't working. This suggested the BMC was in a partially hung state - alive enough to serve web pages but not fully operational.

The Remote Reset Challenge

The obvious solution was to reset the BMC, but this posed another challenge: how to reset remotely without physical access?

I attempted SSH access to the BMC and encountered a limited SMASH CLP interface:

ssh admin@bmc-ip-address

While connected, I found that direct reset commands didn't work:

-> reset
   reset verb is not supported for /
-> reset -force
   Method execution failed.

Even after navigating to seemingly appropriate targets:

-> cd /admin1/clpsvc1
-> reset
   Method execution failed.

The Solution: BMC Factory Reset with Network Preservation

After exploring various options, I found the solution hiding in plain sight within the web interface. The trick was to use the "Reset Factory Defaults" option, but with a critical customization:

  1. Navigate to Maintenance > BMC Preserve Configuration

2. Check ONLY the "Preserve Network Settings" option (deliberately left "Preserve KVM Settings" unchecked to ensure the KVM subsystem would reset)

  1. Proceed with the factory reset

This approach allowed me to reset the hung BMC while maintaining network connectivity - avoiding a trip to the data center.

Missing readings from Platform Overall Health is sign of hanged BMC

The Reward: A Surprisingly Excellent Console Experience

After the BMC reset and reconnecting with OpenWebStart, the JViewer console performed remarkably well. Despite the age of both the hardware and the software, the remote console experience in 2025 is excellent:

  • No noticeable input lag
  • No key repetition issues
  • Full ISO mounting capabilities
  • Virtual media redirection
  • Hardware monitoring
  • Power control operations

The console feels responsive and reliable, dispelling any notion that older technology necessarily means a compromised experience.

Lessons Learned

This experience highlights a few important points for anyone managing legacy server infrastructure:

  1. Don't assume older hardware can't be managed remotely - often there's a solution
  2. The combination of software versions matters significantly
  3. BMC interfaces can enter partially failed states where a reset is the only solution
  4. Factory resets with preserved networking can be a lifesaver for remote systems

The Supermicro X9DRW (product archive link) may be considered legacy hardware now, but with the right approach, it can be managed just as effectively as newer systems.

Coming Soon for Subscribers: A utility tool for generating serial keys to unlock BIOS and BMC upgrades through the BMC interface - bypassing Supermicro's peculiar decision to place these essential maintenance functions behind a paywall.

You always have a choice — support in the way that suits you best!

Buy Me a Coffee

Fuel my creativity with a coffee — every sip keeps this blog running!

Buy Me a Coffee

Support This Blog — Because Heroes Deserve Recognition!

Whether it's a one-time tip or a subscription, your support keeps this blog alive and kicking. Thank you for being awesome!

Tip Once

Hey, Want to Join Me on This Journey? ☕

While I'm brewing my next technical deep-dive (and probably another cup of coffee), why not become a regular part of this caffeinated adventure?

Subscribe

Read more