Etsi tuesta

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Lue lisää

why can I not connect to United Intranet when I can do so in Internet explorer

more options

In the past I had no problems connecting to the secure site United intranet. Now after I upgraded Firefox I get a message indicating there is a security issue. when I go to Internet Explorer, I have no problem connecting to the United intranet site.

In the past I had no problems connecting to the secure site United intranet. Now after I upgraded Firefox I get a message indicating there is a security issue. when I go to Internet Explorer, I have no problem connecting to the United intranet site.

Valittu ratkaisu

Is it the "weak ephemeral Diffie-Hellman key" error? Someone else mentioned getting that on a United employee website a couple weeks ago.

If that is the error you get, the server is trying to use an obsolete encryption cipher which is vulnerable to the Logjam attack that was in the news earlier this year.

What does that mean?

Even though you trust the server, a "Logjam" attack compromises the security of your individual connection to the server, lowering the protection normally provided by SSL to a level that is easily cracked and read by others on the network. That is why Firefox protects you from making this connection.

What can you do now?

The very best solution is to update the server. Please request that for everyone's protection! However, I suspect that is beyond your control and might not happen soon. As a workaround, you can try disabling these old ciphers in your Firefox, which hopefully will force the server to try some more secure ciphers when connecting with you. Here's how:

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste dhe and pause while the list is filtered

(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false (disable Firefox from using this cipher)

(4) Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false (disable Firefox from using this cipher)

Then try the server again; you might have to reload the page using Ctrl+Shift+r to bypass cached information.

Success?

Lue tämä vastaus kontekstissaan 👍 8

Kaikki vastaukset (1)

more options

Valittu ratkaisu

Is it the "weak ephemeral Diffie-Hellman key" error? Someone else mentioned getting that on a United employee website a couple weeks ago.

If that is the error you get, the server is trying to use an obsolete encryption cipher which is vulnerable to the Logjam attack that was in the news earlier this year.

What does that mean?

Even though you trust the server, a "Logjam" attack compromises the security of your individual connection to the server, lowering the protection normally provided by SSL to a level that is easily cracked and read by others on the network. That is why Firefox protects you from making this connection.

What can you do now?

The very best solution is to update the server. Please request that for everyone's protection! However, I suspect that is beyond your control and might not happen soon. As a workaround, you can try disabling these old ciphers in your Firefox, which hopefully will force the server to try some more secure ciphers when connecting with you. Here's how:

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste dhe and pause while the list is filtered

(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false (disable Firefox from using this cipher)

(4) Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false (disable Firefox from using this cipher)

Then try the server again; you might have to reload the page using Ctrl+Shift+r to bypass cached information.

Success?