X
Tap here to go to the mobile version of the site.

ஆதரவு மன்றம்

error ssl_error_weak_server_ephemeral_dh_key I can't log into my ISP please help.

  • 7 replies
  • 474 இந்த பிரச்னைகள் உள்ளது
  • Last reply by jjpjjpjjp
பதிவிடப்பட்டது

I don't know why I don't have the correct ssl certificate or whatever. I use firefox 60(nightly) I am not sure if I deleted my certificates or what may have happened but it says ssl_error_weak_server_ephemeral_dh_key I don't know exactly what this means or how to get my dh key to give them the right key.

I don't know why I don't have the correct ssl certificate or whatever. I use firefox 60(nightly) I am not sure if I deleted my certificates or what may have happened but it says ssl_error_weak_server_ephemeral_dh_key I don't know exactly what this means or how to get my dh key to give them the right key.

தீர்வு தேர்ந்தெடுக்கப்பட்டது

Note that users with the current and older Firefox releases can toggle these prefs to false on the about:config page to disable the cipher suites that are involved with the Logjam vulnerability.

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

  • Bug 1138554 - NSS accepts export-length DHE keys with regular DHE cipher suites

Logjam: How Diffie-Hellman Fails in Practice:

Read this answer in context 97

Additional System Details

நிறுவப்பட்ட நிரல்கள்

  • PlayNow Plugin
  • Battlelog Game Launcher (2.6.2)
  • Battlelog Game Launcher (2.5.1)
  • Version 5.41.2.0
  • Google Update
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.45.2 for Mozilla browsers
  • Motive Management Plug-in for Mozilla Browsers
  • NVIDIA 3D Vision Streaming plugin for Mozilla browsers
  • NVIDIA 3D Vision plugin for Mozilla browsers
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • Shockwave Flash 18.0 r0
  • 5.1.40416.0
  • Unity Player 4.3.7f1
  • VLC media player Web Plugin 2.1.3
  • iTunes Detector Plug-in
  • npIPcam DLL - 2.0.2.11

பயன்பாடு

  • User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0

கூடுதல் தகவல்

philipp
  • Top 25 Contributor
  • Moderator
5304 தீர்வுகள் 23419 பதில்கள்
பதிவிடப்பட்டது

hi jjpjjpjjp, this means that the webserver you're trying to reach is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to webmaster of the site in question to fix that issue...

https://weakdh.org/

hi jjpjjpjjp, this means that the webserver you're trying to reach is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to webmaster of the site in question to fix that issue... https://weakdh.org/
பதிவிடப்பட்டது

கேள்வியின் உரிமையாளர்

This seems to directly refer to my problem, just to make sure, I am running 64 bit windows 8.1 and a newer browser, it would still affect me?

This seems to directly refer to my problem, just to make sure, I am running 64 bit windows 8.1 and a newer browser, it would still affect me?
philipp
  • Top 25 Contributor
  • Moderator
5304 தீர்வுகள் 23419 பதில்கள்
பதிவிடப்பட்டது

this is a vulnerability in the configuration of web-servers, that allows downgrading the encryption levels of connections so that third parties can listen in (so it will need to be fixed by the administrators of each affected webservers). new browser versions should show you a warning message like the one you have referenced and block any connections to affected servers.

this is a vulnerability in the configuration of web-servers, that allows downgrading the encryption levels of connections so that third parties can listen in (so it will need to be fixed by the administrators of each affected webservers). new browser versions should show you a warning message like the one you have referenced and block any connections to affected servers.
பதிவிடப்பட்டது

கேள்வியின் உரிமையாளர்

Well thank you very much for sharing this knowledge with me, I will do what I can to correct it, and I will contact the webmasters a.s.a.p.

Well thank you very much for sharing this knowledge with me, I will do what I can to correct it, and I will contact the webmasters a.s.a.p.
cor-el
  • Top 10 Contributor
  • Moderator
17467 தீர்வுகள் 157849 பதில்கள்
பதிவிடப்பட்டது

தீர்வு தேர்ந்தெடுக்கப்பட்டது

Note that users with the current and older Firefox releases can toggle these prefs to false on the about:config page to disable the cipher suites that are involved with the Logjam vulnerability.

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

  • Bug 1138554 - NSS accepts export-length DHE keys with regular DHE cipher suites

Logjam: How Diffie-Hellman Fails in Practice:

Note that users with the current and older Firefox releases can toggle these prefs to false on the <b>about:config</b> page to disable the cipher suites that are involved with the Logjam vulnerability. *security.ssl3.dhe_rsa_aes_128_sha *security.ssl3.dhe_rsa_aes_256_sha ---- *Bug 1138554 - NSS accepts export-length DHE keys with regular DHE cipher suites Logjam: How Diffie-Hellman Fails in Practice: *https://weakdh.org/
பதிவிடப்பட்டது

கேள்வியின் உரிமையாளர்

Thanks for the update, I'm going to go ahead and access that now and see if that changes anything about the certificate.

Thanks for the update, I'm going to go ahead and access that now and see if that changes anything about the certificate.
பதிவிடப்பட்டது

உதவிகரமான பதில்

well after toggling both to false, I still get the error on the secure page I am accessing. I have, however, found a solution, for now, my Google Chrome has not been affected by this weak dh error and I can use it to access that specific page and probably any other page with such an error.

Edit: hold on. I had picked the wrong ones. I did what you said and that solved it perfectly. Thank you for your solution! I can now access the secure page using my mozilla browser.

well after toggling both to false, I still get the error on the secure page I am accessing. I have, however, found a solution, for now, my Google Chrome has not been affected by this weak dh error and I can use it to access that specific page and probably any other page with such an error. Edit: hold on. I had picked the wrong ones. I did what you said and that solved it perfectly. Thank you for your solution! I can now access the secure page using my mozilla browser.

jjpjjpjjp மூலமாக திருத்தப்பட்டது