Hi Russ, please refer to the Play framework's documentation about cipher suites at https://www.playframework.com/documentation/2.3.x/CipherSuites#Recommendation:-increase-the-DHE-key-size which also explains how to increase the DHE key size. You will also need to upgrade to Java 8, if you're still running Java 7 (which has reached EOL in April 2015).
Cheers, Jochen On Tuesday, 8 September 2015 15:26:24 UTC+2, Russ Collier wrote: > > Howdy, > > This appears to have started happening recently with newer versions of > Chrome (version 45.0.2454.85) and Firefox (version 39), but using the > Graylog Web Interface 1.1.6 with HTTPS and a valid SSL certificate/Java > KeyStore (type: JKS), when I access our Graylog web interface installation, > I get an error message like ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY "Server > has a weak ephemeral Diffie-Hellman public key". This doesn't happen when > using Internet Explorer 10, though. > > I thought I'd read this is possibly due to recent updates in some web > browsers with more stringent SSL cipher requirements related to the Logjam > vulnerability earlier this year. > > Is anyone else experiencing this issue? And know of any workarounds? I > wasn't sure if this was just affecting me, or if it was worth raising a > request in the Graylog Web Interface issue tracker. > > Thanks! > Russ > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5c31847e-5e55-4ae9-b026-a368aa8b3529%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
