Avatar for Username

Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

Wątek został zarchiwizowany. Jeśli potrzebujesz pomocy, zadaj nowe pytanie.

"Secure Connection Failed" Error on one particular website

  • 5 odpowiedzi
  • 10 osób ma ten problem
  • 9 wyświetleń
  • Ostatnia odpowiedź od cor-el

goodyfresh
goodyfresh
more options

When I try to access the https site for MyMU (it is a student services website for my Alma Mater, Marshall University) at https://mymu.marshall.edu/group/mycampus/home, I receive a "Secure Connection Failed" error with the following message: "An error occurred during a connection to mymu.marshall.edu. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)." I am asking about this here because I already tried every possible solution given at https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message, as well as several other solutions in the Mozilla forums and such, to no avail. What the heck is going on, and how can I fix it?

I can still access the https://mymu domain in Chrome, by the way. And this problem only seems to be happening after I updated to VERSION TWO OF THE FIREFOX 39.0 BETA (I should mention, I use the beta release because I want my browser to be 64-bit).

When I try to access the https site for MyMU (it is a student services website for my Alma Mater, Marshall University) at https://mymu.marshall.edu/group/mycampus/home, I receive a "Secure Connection Failed" error with the following message: "An error occurred during a connection to mymu.marshall.edu. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)." I am asking about this here because I already tried every possible solution given at https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message, as well as several other solutions in the Mozilla forums and such, to no avail. What the heck is going on, and how can I fix it? I can still access the https://mymu domain in Chrome, by the way. And this problem only seems to be happening after I updated to VERSION TWO OF THE FIREFOX 39.0 BETA (I should mention, I use the beta release because I want my browser to be 64-bit).

Wszystkie odpowiedzi (5)

philipp
philipp
  • Moderator
more options

hi, this means that the webserver is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to the IT department of your university to fix...

goodyfresh
goodyfresh Zadający pytanie
more options

Thank you! I sent them an email about the issue.

For NOW, is there some way I can possibly BYPASS the issue to get into my email here in Firefox? Fact is, I don't have anything especially sensitive in my email that anyone could use to steal my identity, or anything like that, so this isn't such a big concern to me (i.e. a possible security leak or whatever couldn't really give a hacker anything useful on me through my email).

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can toggle involved DHE ciphers on the about:config page with double-click to false.

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

You can open the about:config page via the location/address bar. You can accept the warning and click "I'll be careful" to continue.

Zmodyfikowany przez cor-el w dniu

goodyfresh
goodyfresh Zadający pytanie
more options

Thank you very much! I am aware of the about:config preferences, have already done a bunch of tweaks in there before. Knowing which preferences to tweak to get this issue resolved was all I really needed ;)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You're welcome.