DescriptionLogjam vulnerability causes ssl error
ScopeVersion: Network Sentry 7.2.1.106 and below
SolutionVersion: Network Sentry 7.2.1.106 and below
Issue: Firefox browser will not open the Admin UI. The below error is produced instead:
"SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem."
Workaround: This behavior is due to a change with Firefox 39.
Another browser can be used, or this Mozilla article contains a workaround for Firefox:
https://support.mozilla.org/en-US/questions/1066238
1) In FireFox, enter "about:config" in the URL field and press enter.
2) Accept the "This might void your warranty!" warning.
3) In the search field at the top, enter "security.ssl3.dhe_rsa_aes".
4) Double click each result (128 and 256) to toggle the Value to "false".
Solution:
Network Sentry version 7.2.1.120 and higher revises the allowed cipher list for the tomcat web server. Contact Product Support to schedule an upgrade.