Firefox: Error code: ssl_error_weak_server_ephemeral_dh_key
Posted: 2023 May 03, 20:16
Access the following link https://www.cisco-global-returns.com/ciscologin/
Error
An error occurred during a connection to http://www.cisco-global-returns.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Solution #1. A terminal is opened and commands are executed
Reboot the operating system after the packages are installed.
It is very possible that this error is caused by the nss* library packages
Update firefox
The NSS* 3.19.1 library has a number of incompatibilities with firefox version 38.0.5.
We are currently stuck with NSS* version 3.17.2, due to the incompatibility of the higher version.
The error was solved with the new update for the nss* libraries. The new version should be nss-*-3.19.2-1.0.fc21.i686.rpm.
All packages can be updated and it is observed during the update that the nss* libraries are renewed.
Error
An error occurred during a connection to http://www.cisco-global-returns.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Solution #1. A terminal is opened and commands are executed
Code: Select all
[root @ fedora ~]$ openssl s_client -connect http://www.cisco-global-returns.com:443 -cipher EDH </dev/null 2>&1 | grep 'Server Temp Key'
Server Temp Key: DH, 768 bits
[root @ fedora ~]$ dnf downgrade nss nss-sysinit nss-util nss-softokn nss-softokn-freebl nss-tools nss-sysinit firefox
Using metadata from Thu Jun 18 11:32:54 2015 (0:46:53 hours old)
Dependencies resolved.
=====================================================================
Package Arch Version Repository Size
=====================================================================
Downgrading:
firefox i686 33.1-2.fc21 fedora 65 M
nss i686 3.17.2-1.fc21 fedora 853 k
nss-softokn i686 3.17.2-1.fc21 fedora 315 k
nss-softokn-freebl i686 3.17.2-1.fc21 fedora 194 k
nss-sysinit i686 3.17.2-1.fc21 fedora 53 k
nss-tools i686 3.17.2-1.fc21 fedora 492 k
nss-util i686 3.17.2-1.fc21 fedora 80 k
Transaction Summary
=====================================================================
Downgrade 7 Packages
Total download size: 66 M
Is this ok [y/N]: yCode: Select all
[root @ fedora ~]$ rebootUpdate firefox
Code: Select all
[root @ fedora ~]$ yum update firefox
Loaded plugins: langpacks
Resolving Dependencies
--> Running transaction check
---> Package firefox.i686 0:33.1-2.fc21 will be updated
---> Package firefox.i686 0:38.0.5-1.fc21 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================
Package Arch Version Repository Size
=====================================================================
Updating:
firefox i686 38.0.5-1.fc21 updates 71 M
Transaction Summary
=====================================================================
Upgrade 1 Package
Total download size: 71 M
Is this ok [y/d/N]: y
Downloading packages:
Delta RPMs reduced 71 M of updates to 52 M (27% saved)
firefox-33.1-2.fc21_38.0.5-1.fc21.i686.drpm | 52 MB 00:00:16
Finishing delta rebuilds of 1 package(s) (71 M)
Running transaction checkrpms> 100% [=============================================] 0.0 B/s | 71 MB --:--:-- ETA
Running transaction test
Transaction test succeeded
Running transaction (shutdown inhibited)
Updating : firefox-38.0.5-1.fc21.i686 1/2
Cleanup : firefox-33.1-2.fc21.i686 2/2
Verifying : firefox-38.0.5-1.fc21.i686 1/2
Verifying : firefox-33.1-2.fc21.i686 2/2
Updated:
firefox.i686 0:38.0.5-1.fc21
Complete!We are currently stuck with NSS* version 3.17.2, due to the incompatibility of the higher version.
The error was solved with the new update for the nss* libraries. The new version should be nss-*-3.19.2-1.0.fc21.i686.rpm.
All packages can be updated and it is observed during the update that the nss* libraries are renewed.
Code: Select all
[root @ fedora ~]$ yum update -y