服务器的瞬时 Diffie-Hellman 公共密钥过弱的解决方案

          

      针对高版本的chrome和firefox出现的如下问题的解决方案

   服务器的瞬时 Diffie-Hellman 公共密钥过弱

 

      ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY
 

 

Resolving ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY error in Chrome version 45
in ADAudit Plus  •  Troubleshooting  •  03 Sep, 01:18 PM
Hi,

You will receive the error "ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY" when the server is trying to setup a secure connection due to a disastrous mis-configuration as the connection wouldn’t be secure. As of Chrome version 45, this error message is triggered if the SSL/TLS handshake attempts to use a public key smaller than 1024 bits. Please replace the cipher in the SSL connector to fix it.

Please edit the Server.xml file from the "\ManageEngine\ADAudit Plus\conf\"  and add the given chipers

ciphers= " TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA " 


Example : 

   



Please follow the steps provided below to modify SSL Connector.

* Stop ADAudit Plus (Click Start --> All Programs --> ADAudit Plus --> Stop ADAudit Plus).

* Take a backup of the existing "server.xml" file located in \conf folder (C:\ManageEngine\ADAudit Plus\conf) 

*  Edit the "server.xml" file to modify the SSL Connector which would be at the bottom of the page.

* Start ADAudit Plus (Click on Start --> All Programs --> ADAudit Plus --> Start ADAudit Plus).

Regards

ADAudit Plus Team

    thx for foreign big genius!

 

    https://forums.manageengine.com/topic/resolving-err-ssl-weak-server-ephemeral-dh-key-error-in-chrome-version-45-3-9-2015

你可能感兴趣的:(https,cas)