nanog mailing list archives
Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers
From: Jeff Gehlbach <jeffg () opennms org>
Date: Fri, 17 Jul 2015 09:56:52 -0400
On 07/17/2015 08:41 AM, Robert Drake wrote:
I've also got a jetty server (opennms) that broke due to this, so I upgraded and fixed the SSL options and it's still broken in some way that won't log errors. I have no time to track that down so the workaround is to use the unencrypted version until I can figure it out.
We had a ticket about this a couple weeks ago from a support client who was catching flak from a PCI-DSS audit team. Here's the changeset that should address the problem: https://github.com/OpenNMS/opennms/commit/6da9e8952e7f81b0b863da93add684c5e963e0ba -jeff
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Matthew Huff (Jul 16)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Randy Bush (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Alexander Maassen (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Robert Drake (Jul 17)
- RE: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Matthew Huff (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Alexander Bochmann (Jul 19)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Jeff Gehlbach (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Alexander Maassen (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Geoffrey Keating (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Michael O Holstein (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Niels Bakker (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Michael O Holstein (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Alexander Maassen (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Matt Palmer (Jul 17)
- Re: Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers tqr2813d376cjozqap1l (Jul 17)
- Re: Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers George Metz (Jul 18)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Randy Bush (Jul 17)
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Matt Palmer (Jul 17)
- <Possible follow-ups>
- Re: SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers Alexander Maassen (Jul 17)