How to config local Jetty ssl to avoid weak phermeral DH key error?

Question

I'm using keytool to generate a keystore to config a local development jetty to run ssl

keytool.exe -keystore jetty.keystore -alias jetty -genkey -keyalg RSA -sigalg SHA256withRSA

Jetty config:

<Call name="addConnector">
    <Arg>
        <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
            <Arg>
                <New class="org.eclipse.jetty.http.ssl.SslContextFactory">
                    <Set name="keyStore">jetty/jetty.keystore</Set>
                    <Set name="keyStorePassword">jetty6</Set>
                    <Set name="keyManagerPassword">jetty6</Set>
                    <Set name="trustStore">jetty/jetty.keystore</Set>
                    <Set name="trustStorePassword">jetty6</Set>
                </New>
            </Arg>
            <Set name="port">8443</Set>
            <Set name="maxIdleTime">30000</Set>
        </New>
    </Arg>
</Call>

It works fine until recently in new browser like Firefox Aurora and Chrome Canary, it rejects with (in Firefox's case):

An error occurred during a connection to localhost:8443. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

There is no way to accept it manually. So, I should re-generate a stronger key? Or it's a configuration in jetty?

score 10 · Accepted Answer · answered Aug 11 '15 at 12:25

The accepted answer didn't fix it for me (Jetty 9.2, Java 7), but this did:

<Set name="ExcludeCipherSuites">
  <Array type="String">
    <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
    <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
    <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
    <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
    <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    <!-- Disable cipher suites with Diffie-Hellman key exchange to prevent Logjam attack 
    and avoid the ssl_error_weak_server_ephemeral_dh_key error in recent browsers -->
    <Item>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
    <Item>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
    <Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</Item>
    <Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</Item>
    <Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</Item>
    <Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</Item>
    <Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</Item>
    <Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</Item>
    <Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
    <Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</Item>
  </Array>
</Set>
<!-- setting required for preventing Poodle attack, see http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack/26388531#26388531 -->
<Set name="ExcludeProtocols">
<Array type="java.lang.String">
   <Item>SSLv3</Item>
</Array>
</Set>

score 3 · Answer 2 · answered Sep 20 '15 at 13:40

Embedded Jetty code for UnSandpiper solution:

    sslContextFactory.setExcludeCipherSuites(
            "SSL_RSA_WITH_DES_CBC_SHA",
            "SSL_DHE_RSA_WITH_DES_CBC_SHA",
            "SSL_DHE_DSS_WITH_DES_CBC_SHA",
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
            "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
            // Disable cipher suites with Diffie-Hellman key exchange to prevent Logjam attack
            //and avoid the ssl_error_weak_server_ephemeral_dh_key error in recent browsers
            "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
            "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
            "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");

    // Setting required for preventing Poodle attack,
    // see http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack/26388531#26388531
    sslContextFactory.setExcludeProtocols("SSLv3");

score 1 · Answer 3 · answered Jun 17 '15 at 10:27

Don't know too much about jetty, but it seems you are barking up the wrong tree.

It is not the server key firefox is complaining about, but a (temporary) ephemeral DH key used in setting up the connections. You need to configure what SSL/TLS encryptions jetty may use. Look at selecting a different cipher suite.

score 0 · Answer 4 · answered Jul 14 '15 at 01:03

This works with OpenJDK 7 as the code above to call setIncludeCipherSuites () fails to allow any connections

sslContextFactory.setExcludeCipherSuites("TLS_DHE.*", "TLS_EDH.*");
sslContextFactory.setExcludeProtocols("SSLv3");
sslContextFactory.setRenegotiationAllowed(false);

How to config local Jetty ssl to avoid weak phermeral DH key error?

4 Answers4

Linked