ECMS - "Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39
"Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39
ImageNow: "Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39
After upgrading to Firefox 39 you see the following error:
Secure Connection Failed
"An error occurred during a connection to <website>. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)"
* The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
This is caused when Firefox 39 prevents a webpage from loading when the server is using cryptographically weak ciphers. Specifically the dhe_rsa_aes_256_sha and dhe_rsa_aes_128_sha were disabled with Firefox 39 to prevent attacks using the Logjam vulnerability.
In order to resolve this issue it will require the server to be updated to no longer use the vulnerable ciphers. Please refer to the following site for more information regarding this vulnerability and how to resolve it:
The following workaround can be applied in Firefox 39 until the server is updated:
- Open Firefox
- Type "about:config" into the address bar then hit enter
- Select "I’ll be careful, I promise!""
- In the search bar enter "security.ssl3.dhe"
- This should reduce the list to the following 2 options with the value set to "True"
- Double click both of these settings to change the value to "False"
- Close the about:config page