Software Defined Networking
1748287 Members
3321 Online
108761 Solutions
New Discussion юеВ

Re: FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

 
chrisnagasawa
Occasional Contributor

FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

Using SDN Controller v2.5.15.1175

 

Getting this error message after upgrading to the latest Firefox version 39.0.

 

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.

(Error code: ssl_error_weak_server_ephemeral_dh_key)

 

IE and Chrome seem to be working.

 

A workaround to allow weak cyphers in Firefox seems to work:

1) In FireFox, enter "about:config" in the URL field and press enter.

2) Accept the "This might void your warranty!" warning :)

3) In the search field at the top, enter "security.ssl3.dhe_rsa_aes"

4) Double click each result (128 and 256) to toggle the Value to "false"

 

Is there a way to fix this with keytool to gen a new cert?

 

 

 

4 REPLIES 4
Carlos
Frequent Advisor

Re: FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

Chris,

 

Thank you for contacting the HP SDN Forum. At the moment I am researching your issue with our engineering department to see if they can upgrade the script. I will get back to you once I get an official notice that the script has been updated.

 

Best Regards,

 

Carlos

CoE/SDN Team

ph4ntom74
New Member

Re: FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

was able to generate a new cert but i cant login to the web page, now on firefox it says:

"Unable to connect

Firefox can't establish a connection to the server at 192.168.192.42:8443.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web."

But from chrome it states:

"This webpage is not available

ERR_CONNECTION_TIMED_OUT"

:(

 

 

 

 

ShivB
Occasional Advisor

Re: FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

any update on this issue? why is this listed in 'resolved issues' tag? thanks.

Scott_Koster
Advisor

Re: FIrefox (Error code: ssl_error_weak_server_ephemeral_dh_key)

Please use version 2.7.10 or newer of the VAN SDN Controller.  There is an OVA download package, or debian package with upgrade instructions. Download link below:

https://h10145.www1.hpe.com/Downloads/SoftwareReleases.aspx?ProductNumber=J9863AAE&lang=en&cc=us&prodSeriesId=5443866

Best Regards,

-Scott

Scott Koster | Technical Marketing Engineer
HPE Aruba