ECMS - "Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39

"Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39


ImageNow: "Secure Connection Failed" error in WebNow or NolijWeb after upgrading to Firefox 39

Issue

After upgrading to Firefox 39 you see the following error:

Secure Connection Failed
"An error occurred during a connection to <website>. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)"
* The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

Resolution

This is caused when Firefox 39 prevents a webpage from loading when the server is using cryptographically weak ciphers. Specifically the dhe_rsa_aes_256_sha and dhe_rsa_aes_128_sha were disabled with Firefox 39 to prevent attacks using the Logjam vulnerability.

In order to resolve this issue it will require the server to be updated to no longer use the vulnerable ciphers. Please refer to the following site for more information regarding this vulnerability and how to resolve it:

https://weakdh.org/

The following workaround can be applied in Firefox 39 until the server is updated:

  1. Open Firefox
  2. Type "about:config" into the address bar then hit enter
  3. Select "I’ll be careful, I promise!""
  4. In the search bar enter "security.ssl3.dhe"
  5. This should reduce the list to the following 2 options with the value set to "True"
    • security.ssl3.dhe_rsa_aes_128_sha
    • security.ssl3.dhe_rsa_aes_256_sha
  6. Double click both of these settings to change the value to "False"
  7. Close the about:config page



Keywords:Imaging Imaging System WebNow ImageNow perceptive content ecm ecms enterprise content management imaging imagenow perceptive eform secure connection failed firefox 47 48 49 ssl3 rsa aes 128 256 dhe   Doc ID:34351
Owner:Guy S.Group:ECMS
Created:2013-10-10 08:35 CDTUpdated:2015-07-29 10:06 CDT
Sites:DoIT Help Desk, ECMS
Feedback:  1   0