[Solved] Server has a weak ephemeral Diffie-Hellman public key | Chrome Firefox Opera


I write this post in order to let you know how to resolve the 'Server has a weak ephemeral Diffie-Hellman public key' error. This error mainly occurs on browsers like Chrome, Firefox and Opera while you try to access a less secured page. Follow the steps below to solve this error in Firefox browser.


Firefox Users:

Type the URL given below in your browser's address bar,

about:config

Here in this config page, you will find a list of boolean entries. Search for below two entries,

security.ssl3.dhe_rsa_aes_128_sha

security.ssl3.dhe_rsa_aes_256_sha 

By default, these are set to TRUE. But you have to set them to FALSE in order to allow the less secured pages.

Chrome and Opera users, 

1) Instead of using HTTPS try using HTTP. For example,

Use http://letusexplain.blogspot.com instead of https://letusexplain.blogspot.com

2) If it doesn't work in http, you may have to use IE Tab extension to view only this web page in Chrome, This extension allows you to open a particular website on IE without exiting Chrome.

Once installed IE Tab, type the URL you want to visit on the Address bar of chrome.



You will see the error message, Now all you have to do is click on the IE Tab icon which you will find in the right corner of the Chrome window (Highlighted in Blue).

This would allow you view the web page without any issues. Though it's not an official fix, it still works.

I hope the steps given above solves your issue, Let me know if this helps.


Share this:

Hey there! I'm Senthil Kumar Murugesan, An Infrastructure engineer with a focus on Cisco Unified Communications and Hacking. Also I’m happy to mention that I’m a Linux junkie, a Cisco proponent, a Tools fanatic and Script lover. This is a blog, a rambling of thoughts, and a result of technical experiments

22 comments

  1. This did not work on FF 39 for:

    An error occurred during a connection to XXXXXXX. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

    ReplyDelete
  2. This fixed my problem in FireFox. Thanks!

    ReplyDelete
    Replies
    1. Hi Senthil - is there any fix for Chrome?

      Delete
    2. Hi, It looks like this can't be fixed in Google chrome. Now-a-days chrome doesn't allow insecure HTTPS connections. In this case, the website/webserver needs to be fixed.

      Delete
    3. I just have updated the post, Chrome would allow you to open unsecured connections through IE Tab extension.

      Delete
  3. This worked perfectly in Firefox - much appreciated!

    ReplyDelete
  4. Worked in Firefox thank you

    ReplyDelete
  5. Works great, thanks Senthil.

    ReplyDelete
  6. how to solve in chrome?

    ReplyDelete
  7. Hi there , how to solve in chrome on Mac ? IE Tab is not support on Mac.

    ReplyDelete
  8. I get this error when pasting about:config in a new tab. I have tried on 3 different computers on 2 different networks. All instances resulted in this error below

    This webpage is not available

    ERR_INVALID_URL
    Hide details
    The webpage at chrome://config/ might be temporarily down or it may have moved permanently to a new web address.

    ReplyDelete
  9. Thanks for the information on how to work around the problem. It worked for me and allowed me to log into my router. Can you explain how I get the router changed so I don't need a work around? Thanks, Dave

    ReplyDelete
  10. it worked for me thanks

    ReplyDelete
  11. Many thanks. This worked in Germany with a Telekom Speedport router. I do wonder what settings were suddenly changed with no warning, and why?

    ReplyDelete
  12. The fix you offered for Fire Fox worked perfect. Much appreciate but what do I need to do to fix the real problem on my Server. I am using 2048 now with Verisign for my SSL. What should I do?
    Thank you.

    ReplyDelete
  13. Thank you, Senthil Kumar, This works; Helped me with connection issues. Thank you.

    ReplyDelete

Google Analytics Alternative