The latest versions of Firefox (39+), Thunderbird (38+) and Chrome (45+) have implemented new security measures that block websites with older, insecure SSL certs. This is to protect against the 'logjam' vulnerability mainly.
The full error may look like this in your browser:
Secure Connection Failed
An error occurred during a connection to www.website.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
You will have no option to ignore the warning and proceed with the connection. The owners of the server or website in question ideally need to update their server settings and SSL certificate to ensure it is secure.
A work around in Firefox is the following:
Type in about:config in the address bar and press enter > search for 'security.ssl3.dhe_rsa_aes' here > toggle both results to false
Comments
0 comments
Article is closed for comments.