Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

"Secure Connection Failed" Error on one particular website

  • 5 uphendule
  • 10 zinale nkinga
  • 260 views
  • Igcine ukuphendulwa ngu cor-el

more options

When I try to access the https site for MyMU (it is a student services website for my Alma Mater, Marshall University) at https://mymu.marshall.edu/group/mycampus/home, I receive a "Secure Connection Failed" error with the following message: "An error occurred during a connection to mymu.marshall.edu. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)." I am asking about this here because I already tried every possible solution given at https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message, as well as several other solutions in the Mozilla forums and such, to no avail. What the heck is going on, and how can I fix it?

I can still access the https://mymu domain in Chrome, by the way. And this problem only seems to be happening after I updated to VERSION TWO OF THE FIREFOX 39.0 BETA (I should mention, I use the beta release because I want my browser to be 64-bit).

All Replies (5)

more options

hi, this means that the webserver is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to the IT department of your university to fix...

more options

Thank you! I sent them an email about the issue.

For NOW, is there some way I can possibly BYPASS the issue to get into my email here in Firefox? Fact is, I don't have anything especially sensitive in my email that anyone could use to steal my identity, or anything like that, so this isn't such a big concern to me (i.e. a possible security leak or whatever couldn't really give a hacker anything useful on me through my email).

more options

You can toggle involved DHE ciphers on the about:config page with double-click to false.

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

You can open the about:config page via the location/address bar. You can accept the warning and click "I'll be careful" to continue.

Okulungisiwe ngu cor-el

more options

Thank you very much! I am aware of the about:config preferences, have already done a bunch of tweaks in there before. Knowing which preferences to tweak to get this issue resolved was all I really needed ;)

more options

You're welcome.