SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers

• Previous message (by thread): SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers
• Next message (by thread): SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/17/2015 08:41 AM, Robert Drake wrote:

> I've also got a jetty server (opennms) that broke due to this,
> so I upgraded and fixed the SSL options and it's still broken in some
> way that won't log errors.  I have no time to track that down so the
> workaround is to use the unencrypted version until I can figure it out.

We had a ticket about this a couple weeks ago from a support client who
was catching flak from a PCI-DSS audit team. Here's the changeset that
should address the problem:

https://github.com/OpenNMS/opennms/commit/6da9e8952e7f81b0b863da93add684c5e963e0ba

-jeff

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150717/25a1ae11/attachment.sig>

• Previous message (by thread): SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers
• Next message (by thread): SEC webpages inaccessible due to Firefox blocking servers with weak DH ciphers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]