Category: Web browser

Firefox 39.0 SSL Error: Weak Ephemeral Diffie-Hellman key

Recently updated Firefox to version 39.0 and tried to access Call Manager and Contact Center Express. Got the following Firefox error:

SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

Solution documented in https://support.mozilla.org/en-US/questions/1066238

Explanation: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/

  1. In Firefox, Enter “about:config” in the URL field and press enter.
  2. Accept the “This might void your warranty!” warning by clicking “I’ll be careful, I promise!” button.
  3. In the search field, enter “security.ssl3.dhe_rsa_aes”.
  4. Double click each result (128 SHA and 256 SHA) to toggle the Value to “false”.

No need to close and reopen the browser.