Ovo će web mjesto raditi na ograničen način, dok obavljamo održavanje stranice. Ako neki članak ne riješi tvoj problem i ako želiš postaviti pitanje, naša zajednica za podršku spremna je pomoći na Twitteru @FirefoxSupport i na Redditu /r/firefox.

Pretraži podršku

Izbjegni prevare podrške. Nikad te nećemo tražiti da nas nazoveš, da nam pošalješ telefonski broj ili da podijeliš osobne podatke. Prijavi sumnjive radnje pomoću opcije „Prijavi zlouporabu”.

Saznaj više

SSL Issue with security.ssl3.dhe_rsa_aes_128_sha

  • 3 odgovora
  • 1 ima ovaj problem
  • 1 prikaz
  • Posljednji odgovor od cjratliff

more options

I am having an issue where I have an internal site (WebLogic App) that has SSL. Firefox fails to open:

An error occurred during a connection to trobiee01.ecapitaladvisors.com:7002. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY

However, when I toggle the setting security.ssl3.dhe_rsa_aes_128_sha to 'false' the site opens. I would like to know why and what is the issue with the web application. Please assist.

I am having an issue where I have an internal site (WebLogic App) that has SSL. Firefox fails to open: An error occurred during a connection to trobiee01.ecapitaladvisors.com:7002. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY However, when I toggle the setting security.ssl3.dhe_rsa_aes_128_sha to 'false' the site opens. I would like to know why and what is the issue with the web application. Please assist.

Svi odgovori (3)

more options
This indicates that the site is defaulting to an obsolete encryption cipher which is vulnerable to the "Logjam" attack that was in the news earlier this year.

https://support.mozilla.org/en-US/questions/1073420

more options

It appears the cipher suite it is defaulting to is:

TLS_RSA_WITH_AES_128_CBC_SHA

I am assuming this is vulnerable to logjam as well?

more options

When set the cipher to 'false' is it in effect disabling TLS_DHE_RSA_WITH_AES_128_CBC_SHA and allowing TLS_RSA_WITH_AES_128_CBC_SHA instead?

Thank you in advance