Hi Russ, please refer to the Play framework's documentation about cipher suites at https://www.playframework.com/documentation/2.3.x/CipherSuites#Recommendation:-increase-the-DHE-key-size which also explains how to increase the DHE key size. You will also need to upgrade to Java 8, if you're still running Java 7 (which has reached EOL in April 2015).
Cheers, Jochen On Tuesday, 8 September 2015 15:26:24 UTC+2, Russ Collier wrote: > > Howdy, > > This appears to have started happening recently with newer versions of > Chrome (version 45.0.2454.85) and Firefox (version 39), but using the > Graylog Web Interface 1.1.6 with HTTPS and a valid SSL certificate/Java > KeyStore (type: JKS), when I access our Graylog web interface installation, > I get an error message like ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY "Server > has a weak ephemeral Diffie-Hellman public key". This doesn't happen when > using Internet Explorer 10, though. > > I thought I'd read this is possibly due to recent updates in some web > browsers with more stringent SSL cipher requirements related to the Logjam > vulnerability earlier this year. > > Is anyone else experiencing this issue? And know of any workarounds? I > wasn't sure if this was just affecting me, or if it was worth raising a > request in the Graylog Web Interface issue tracker. > > Thanks! > Russ > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5c31847e-5e55-4ae9-b026-a368aa8b3529%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
