RE: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-11-02 Thread Roger Moore
Based on what Indra said, we began thinking the problem was not with Jenkins because we are using a higher version of it than Indra. We ran an experiment on a brand new Red Hat 7.1 server and installed Java 1.8.x and the LTS version of Jenkins. We generated self-signed certificates and tried

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-29 Thread Indra Gunawan (ingunawa)
HI Roger, If you upgrade to the latest LTS this issue goes away. I see this on very old instance of Jenkins running 1.455 we are still running. After upgrade to v. 1.580.3 with SSL left as is with existing .keystore, I am not seeing this anymore. -Indra On 10/28/15, 11:14 AM,

RE: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-29 Thread Roger Moore
Hi Indra, thanks for your reply. We are currently running 1.596. When you upgraded to 1.580.3, did that change your version of Java too? -Original Message- From: jenkinsci-users@googlegroups.com [mailto:jenkinsci-users@googlegroups.com] On Behalf Of Indra Gunawan (ingunawa) Sent:

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-29 Thread Indra Gunawan (ingunawa)
When we upgraded to 1.580.3. We simply download the RHEL RPM package and install it. We make sure to give the location of our existing .keystore set for “JENKINS_HTTPS_KEYSTORE=“ in the /etc/sysconfig/jenkins. We install Oracle JDK 7 to run Jenkins. I have been using Oracle JDK 7 to run Jenkins

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-28 Thread Daniel Beck
To clarify, you're using the embedded Jetty-Winstone to run Jenkins (i.e. java -jar jenkins.war), including SSL/TLS? On 28.10.2015, at 17:17, Roger Moore wrote: > Thanks Brent. I had found similar discussions but not on that message list. > > After reading that

RE: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-28 Thread Roger Moore
Thanks Brent. I had found similar discussions but not on that message list. After reading that though, and from the other things I’ve found, it seems the correct fix is to change the setting on the Jenkins server because we already are using 1024-bit certificates. I had found a page that

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-28 Thread wakelt
We ran into this with issue with a different server application that was using SSL/TLS. Chances are you need to update the server to stop advertising weak diffie-hellman ciphers. The last firefox/chrome browsers will see those ciphers and believe their is a client attack on the horizon. So,

RE: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-28 Thread Roger Moore
The deed is done. It was my first submission, so please let me know if I screwed it up... https://issues.jenkins-ci.org/browse/JENKINS-31242 -Original Message- From: jenkinsci-users@googlegroups.com [mailto:jenkinsci-users@googlegroups.com] On Behalf Of Daniel Beck Sent: Wednesday,

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-28 Thread Daniel Beck
Could you file an improvement against the 'winstone' component in our issue tracker? https://wiki.jenkins-ci.org/display/JENKINS/How+to+report+an+issue On 28.10.2015, at 17:50, Roger Moore wrote: > Thank for the reply, Daniel. > > I am using the default

unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-27 Thread Roger Moore
Has anyone else seen a problem accessing Jenkins after Chrome was updated to v45? Chrome reports: "This error can occur when connecting to a secure (HTTPS) server. It means that the server is trying to set up a secure connection but, due to a disastrous misconfiguration, the connection

Re: unable to access Jenkins in Firefox and Chrome after latest browser updates because of "weak ephemeral Diffie-Hellman public key"

2015-10-27 Thread Brent Atkinson
https://productforums.google.com/forum/#!topic/chrome/o3vZD-Mg2Ic On Tue, Oct 27, 2015 at 1:31 PM, Roger Moore wrote: > Has anyone else seen a problem accessing Jenkins after Chrome was updated > to v45? Chrome reports: > > "This error can occur when connecting to a