DEV Community

CoderLegion
CoderLegion

Posted on β€’ Edited on β€’ Originally published at kodblems.com

2 1

Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key

πŸŽ‰ Before you dive into this article...

πŸš€ Check out our vibrant new community at CoderLegion.com!

πŸ’‘ Share your knowledge, connect with like-minded developers, and grow together.

πŸ‘‰ Click here to join now!

"Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key"
I guess Chrome have released an update over the past week.
And this update has caused at least 100 of our internal applications to throw the exception shown below. The solutions I have found over the Internet, talk about updating the application server with a stronger cipher.
But, our applications are spread out over various different servers like IIS, tomcat, jboss, weblogic and websphere. So it is not practical solution for me to expect all of these application servers to be updated. Is there any way to get Chrome to allow an
"exception" for these sites ? As these sites are all our internal sites, so the security is not really a concern for us.

Firefox also throws the same exception but there is a documented fix for that by simply changing some settings in Firefox. Is there anyone who is aware of a similar fix in Chrome?

Error

Server has a weak ephemeral Diffie-Hellman public key

ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY

Solution :
Of "Server has a weak ephemeral diffie-hellman public key err_ssl_weak_server_ephemeral_dh_key"
I had also faced the same issue recently.
After doing research I found the solution on it.

I have solved this problem without upgrading jrockit but by simply configuring the ssl section like follows :

`

true

false

500

false

false

true

BuiltinSSLValidationOnly

BuiltinSSLValidationOnly

false

false

true
`

It solved many different problems on SSL with chrome. I hope it will help you too in resolving your issue.

Billboard image

The fastest way to detect downtimes

Join Vercel, CrowdStrike, and thousands of other teams that trust Checkly to streamline monitoring.

Get started now

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

πŸ‘‹ Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Communityβ€”every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple β€œthank you” goes a long wayβ€”express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay