2

I'm testing Tomcat SSL configuration of my server and I was using the ssl-enum-ciphers script of nmap and the following warning appears:

Key exchange parameters of lower strength than certificate key

What does this mean? I can't find meaningful information on this diagnosis.

Tomcat server.xml ciphers:

ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
            TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
            TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
            TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
            TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,
            TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"
John Giotta

1 Answer

3

It means that the server is configured with a certificate having a certain key strength (perhaps 2048-bit RSA), but the particular cipher suite in use is configured to use different key exchange material of lower strength. This is most likely a Diffie-Hellman (DH) parameter with 1028-bit strength.

To fix this, you can either remove DH-related key exchange ciphersuites from your configuration, or generate and configure stronger DH parameters. More direct guidance is available at weakdh.org.

bonsaiviking
  • My certificate algorithm is PKCS #1 SHA-256 With RSA Encryption. Does this play a part? – John Giotta Nov 14 '16 at 19:22
  • @JohnGiotta It plays some part, but has nothing to do with key length, which is what the warning is about: your certificate is stronger than your Diffie-Hellman parameters, so when clients choose DH ciphersuites, they're getting less protection. It looks like most versions of Tomcat don't allow users to improve this, but here's more info: https://blog.eveoh.nl/2014/02/tls-ssl-ciphers-pfs-tomcat/ – bonsaiviking Nov 15 '16 at 04:42
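
An added example, not part of the original question or answer and not nmap's own logic: a Python script that reads ssl-enum-ciphers output, finds the DHE suites whose DH modulus is shorter than the RSA certificate key, and drops them from a Tomcat ciphers value, which is the first fix the answer suggests. The sample scan output, the 2048-bit certificate size and all function names are constructed for illustration.

```python
import re

# Constructed sample of ssl-enum-ciphers output (not taken from the post).
SAMPLE_NMAP_OUTPUT = """\
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 1024) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|     warnings:
|       Key exchange parameters of lower strength than certificate key
"""

# Matches cipher lines such as "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A".
SUITE_RE = re.compile(r"\b(TLS_\w+) \((\w+)(?: (\d+))?\) - [A-F]")


def parse_suites(nmap_output):
    """Return (suite, kex_type, bits_or_None) for every cipher line."""
    return [(m.group(1), m.group(2), int(m.group(3)) if m.group(3) else None)
            for m in SUITE_RE.finditer(nmap_output)]


def weak_dhe_suites(nmap_output, cert_rsa_bits):
    """DHE suites whose DH modulus is shorter than the RSA certificate key.

    Finite-field DH and RSA sizes are compared bit for bit; elliptic-curve
    key exchange is skipped because its sizes are not directly comparable.
    """
    return [suite for suite, kex, bits in parse_suites(nmap_output)
            if kex == "dh" and bits is not None and bits < cert_rsa_bits]


def prune_ciphers(ciphers_attr, weak):
    """Remove the weak suites from a Tomcat ciphers value, keeping order."""
    drop = set(weak)
    suites = [c.strip() for c in ciphers_attr.split(",") if c.strip()]
    return ",".join(c for c in suites if c not in drop)


if __name__ == "__main__":
    weak = weak_dhe_suites(SAMPLE_NMAP_OUTPUT, cert_rsa_bits=2048)
    print("DHE suites weaker than the certificate key:", weak)
    configured = ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,"
                  "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,"
                  "TLS_RSA_WITH_AES_128_GCM_SHA256")
    print('ciphers="%s"' % prune_ciphers(configured, weak))
```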