cancel
Showing results for 
Search instead for 
Did you mean: 

Can't access Netsight in Firefox 39 due to weak ephemeral Diffie-Hellman key

Can't access Netsight in Firefox 39 due to weak ephemeral Diffie-Hellman key

James_A
Valued Contributor
Firefox 39 has deprecated some older and weaker SSL/TLS options for security reasons. I know how to work around this error with about:config options, but how do I fix the config on the NetSight server for everyone? I'm currently running 6.2.0.211. Poking around it seems to be running JBoss, which I'm not familiar with at all.

Full error:

An error occurred during a connection to netsight.xxx:8443. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
14 REPLIES 14

Rob_Yamry1
New Contributor
I am running 6.2.0.221 and this did not fix the issue. I didnt notice the problem until Chrome v45 was released though.

Andre_K_
New Contributor
The NAC captive portal is suffering from the same. Will that be fixed in 6.2.0.221 as well?

Great news. Thanks for investigating!

James_A
Valued Contributor
I've just upgraded my secondary NAC server to 6.2.0.221, and it has fixed the problem there too.

Jason1
Extreme Employee
James,

This is an issue that was fixed in 6.2.0.221. An upgrade will resolve that.

https://gtacknowledge.extremenetworks.com/articles/Solution/Server-has-a-weak-ephemeral-Diffie-Hellm...

Thanks,
Jason
GTM-P2G8KFN