Wednesday, February 10, 2016

Server has a weak, ephemeral Diffie-Hellman public key

Hi,
I am writing this blog to save time for admins like me who are getting this error in their browsers: "Server has a weak, ephemeral Diffie-Hellman public key"

The server.xml in Tomcat looks similar to this:

       clientAuth="false" sslProtocol="TLS"/> 

With Firefox, I get the untrusted communication error, and there are no errors in catalina.log.

Solution:
Just add this below keystorePass:

ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"

and save.

It should look like this:

ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
clientAuth="false" sslProtocol="TLS"/>

That's all, friends. Restart the service and the page will open normally.

Thanks
Rohit Kumar
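
An added example, not part of the original post: a Python check that reads a server.xml, finds the TLS connectors, and reports any that have no ciphers attribute (so the JVM default suites apply, which can include the DHE suites the browser error is about) or that list DHE or non-forward-secret RSA suites. The sample connector, port, keystore path and password are constructed placeholders, and the finding labels are made up for this example.

```python
import xml.etree.ElementTree as ET

# Cipher list exactly as given in the post.
POST_CIPHERS = ",".join([
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA",
])

# Constructed sample (not from the post): port, keystore path and password are placeholders.
BEFORE = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1"/>
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             keystoreFile="conf/placeholder.jks" keystorePass="PLACEHOLDER"
             clientAuth="false" sslProtocol="TLS"/>
</Service></Server>"""
# The same connector with the post's ciphers attribute added below keystorePass.
AFTER = BEFORE.replace('keystorePass="PLACEHOLDER"',
                       'keystorePass="PLACEHOLDER"\n             ciphers="%s"' % POST_CIPHERS)

def key_exchange(suite):
    """Classify a JSSE cipher suite name by its key exchange."""
    if suite.startswith(("TLS_DHE_", "SSL_DHE_")):
        return "dhe"          # finite-field DHE: the kind the browser error is about
    if suite.startswith("TLS_ECDHE_"):
        return "ecdhe"        # elliptic-curve DHE: forward secret
    if suite.startswith(("TLS_RSA_", "SSL_RSA_")):
        return "static_rsa"   # RSA key transport: works, but no forward secrecy
    return "other"

def audit(server_xml):
    """Return (port, finding, suites) for every TLS connector worth a second look."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "").lower() != "true":
            continue  # plain HTTP/AJP connector
        port, ciphers = conn.get("port"), conn.get("ciphers")
        if ciphers is None:
            # JVM default suites apply, which can include DHE suites.
            findings.append((port, "no-ciphers-attribute", []))
            continue
        suites = [s.strip() for s in ciphers.split(",") if s.strip()]
        for kind, label in (("dhe", "dhe-suite-listed"),
                            ("static_rsa", "no-forward-secrecy")):
            hits = [s for s in suites if key_exchange(s) == kind]
            if hits:
                findings.append((port, label, hits))
    return findings
```

Run against the post's cipher list, the check reports no DHE suites, and flags the four TLS_RSA_* entries as lacking forward secrecy.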
