This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can't access Netsight in Firefox 39 due to weak ephemeral Diffie-Hellman key

Can't access Netsight in Firefox 39 due to weak ephemeral Diffie-Hellman key

James_A
Valued Contributor

‎07-16-2015 12:57 PM

Firefox 39 has deprecated some older and weaker SSL/TLS options for security reasons. I know how to work around this error with about:config options, but how do I fix the config on the NetSight server for everyone? I'm currently running 6.2.0.211. Poking around it seems to be running JBoss, which I'm not familiar with at all.

Full error:

An error occurred during a connection to netsight.xxx:8443. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
14 REPLIES 14

Rob_Yamry1
New Contributor

‎09-09-2015 10:39 AM

I am running 6.2.0.221 and this did not fix the issue. I didnt notice the problem until Chrome v45 was released though.
0 Kudos

Andre_K_
New Contributor

‎07-20-2015 05:54 AM

The NAC captive portal is suffering from the same. Will that be fixed in 6.2.0.221 as well?
0 Kudos

Andre_K_
New Contributor
In response to Andre_K_

‎07-20-2015 05:54 AM

Great news. Thanks for investigating!
0 Kudos

James_A
Valued Contributor
In response to Andre_K_

‎07-20-2015 05:54 AM

I've just upgraded my secondary NAC server to 6.2.0.221, and it has fixed the problem there too.

0 Kudos

Jason1
Extreme Employee

‎07-16-2015 01:09 PM

James,

This is an issue that was fixed in 6.2.0.221. An upgrade will resolve that.

https://gtacknowledge.extremenetworks.com/articles/Solution/Server-has-a-weak-ephemeral-Diffie-Hellm...

Thanks,
Jason
0 Kudos
GTM-P2G8KFN