18 Replies Latest reply on Jul 28, 2015 12:38 PM by winuxguy

    WebHelpDesk Reported to have a Weak Ephemeral Diffie-Hellman Public Key


      Hi Guys,


      Just want to share a sort of workaround on fixing the issues with the error from recent browsers showing the errors about Secure Connection Failed and shows an error code of ssl_error_weak_ephemeral_dh_key. Do the following steps:

      1. Backup the file <WebHelpDesk>/conf/tomcat_server_template.xml to somewhere else just in case this doesn't work

      2. Edit the same file <WebHelpDesk>/conf/tomcat_server_template.xml

      3. Look for the 2 lines saying `ciphers="yada_yada_yada_yada"` and replace both with the following:



      4. Save the file and restart WHD


      Note: All the ciphers will function if you are running WHD versions 12.2 and 12.3 with the built-in Java Runtime Environment version 7. If you are running WHD version 12.1, be sure to apply the fix for the SSLv3 Poodle vulnerability enabling TLSv1.1, TLSv1.2 with JRE 7 setup.


      This should also increase your security rating scan from Qualys SSL Labs. Hope this helps!