logo
logo
Community
Pricing
Sign in
menu-h

Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key

avatar
kodblemsuser
Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key

Problem :

"Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key"

I guess Chrome have released an update over the past week.


And this update has caused at least 100 of our internal applications to throw the exception shown below. The solutions I have found over the Internet, talk about updating the application server with a stronger cipher.

But, our applications are spread out over various different servers like IIS, tomcat, jboss, weblogic and websphere. So it is not practical solution for me to expect all of these application servers to be updated. Is there any way to get Google Chrome to allow an


"exception" for these sites ? As these sites are all our internal sites, so the security is not really a concern for us.

Firefox also throws the same exception but there is a documented fix for that by simply changing some settings in Firefox. Is there anyone who is aware of a similar fix in Chrome?


Error

Server has a weak ephemeral Diffie-Hellman public key

ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY

Of "Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key"

I had also faced the same issue recently.

After doing research I found the solution on it. I also encountered the same Import Error while I was running tensorflow version 1.13.0 with my cuda 9. As I had installed tensor flow on a virtual environment with pip

I have solved this problem without upgrading jrockit but by simply configuring the ssl section like follows :

`

<enabled>true</enabled>

<hostname-verifier xsi:nil="true"></hostname-verifier>

<hostname-verification-ignored>false</hostname-verification-ignored>

<export-key-lifespan>500</export-key-lifespan>

<client-certificate-enforced>false</client-certificate-enforced>

<two-way-ssl-enabled>false</two-way-ssl-enabled> <ssl-rejection-logging-enabled>true</ssl-rejection-logging-enabled>

<inbound-certificate-validation>BuiltinSSLValidationOnly</inbound-certificate-validation>

<outbound-certificate-validation>BuiltinSSLValidationOnly</outbound-certificate-validation>

<allow-unencrypted-null-cipher>false</allow-unencrypted-null-cipher>

<use-server-certs>false</use-server-certs>

<jsse-enabled>true</jsse-enabled>

collect
0
avatar
kodblemsuser
Related Articles
WHO TO FOLLOW
MORE FROM AUTHOR
Difference between bootstrap and twitter bootstrap
kodblemsuser 2022-02-19
img
collect
0
How to password protect your computer your BIOS or UEFI
kodblemsuser 2022-02-19
img
collect
0
How to take a screenshot in windows
kodblemsuser 2022-02-12
img
collect
0
Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key
kodblemsuser 2022-02-12
img
collect
0
guide
Zupyak is the world’s largest content marketing community, with over 400 000 members and 3 million articles. Explore and get your content discovered.
Read more
WHO TO FOLLOW
Press enter to search  enter
articles