Submit a ticketCall us

AnnouncementsChange Is Inevitable

Get valuable help when it comes to tracking and monitoring changes. SolarWinds® Server Configuration Monitor (SCM) is designed to help you: detect, track, and receive alerts when changes occur, correlate system performance against configuration changes, compare server and application configuration against custom baselines, and verify application and system changes.

Learn more.

Home > Success Center > Web Help Desk (WHD) > WHD - Knowledgebase Articles > Server has a weak ephemeral Diffie-Hellman public key

Server has a weak ephemeral Diffie-Hellman public key

Created by Brendan.McHugh, last modified by Steve.Hawkins on Oct 16, 2018

Views: 1,421 Votes: 0 Revisions: 11

Overview

When opening Web Help Desk using Chrome or Firefox, you may receive the following browser error:

Error message - "Server has a weak ephemeral Diffie-Hellman public key

Environment

  • Web Help Desk 12.3.0
  • Web Help Desk 12.2.x
  • Web Help Desk 11.x
  • Web Help Desk 10.x

Cause 

Due to browser updates to secure against Logjam attack.

Resolution

To resolve this issue please download and install Hot Fix 3 from your Customer Portal. Below are the notes for installing HotFix 3.

This Hot Fix requires Web Help Desk v12.3.0.

In the installation instructions, <WebHelpDesk> represents the Web Help Desk home folder. The default home folders for various operating systems are listed 

  • Apple® OS X: /Library/WebHelpDesk
  • Microsoft® Windows®: \Program Files\WebHelpDesk
  • Red Hat®/CentOS™/Fedora Linux: /usr/local/webhelpdesk
  1. Log in to Web Help Desk as an Administrator
  2. Stop Web Help Desk
  3. Download and unzip the Hotfix 3 ZIP file to a directory on your Web Help Desk server.
  4. Back up your existing Web Help Desk configuration files.
    1. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/lib/ directory, back up the following files to a separate directory:
      • whd-core.jar
      • whd-web.jar
    2. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/DashboardPlugIns directory, back up the following files to a separate directory:
      • ActivityMonitor.jar
      • TicketQueryChart.jar
    3. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/ReportPlugIns directory, back up the following file to a separate directory: 
      • TicketReport.jar
    4. In the <WebHelpDesk>/conf directory, back up the following file to a  separate directory:
      • tomcat_server_template.xml
  5. Install the files included with this hotfix into the appropriate directories on your Web Help Desk server. 
    1. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/lib/ directory, add the following files:
      1. whd-core.jar
      2. whd-web.jar
    2. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/DashboardPlugIns directory, add the following files:
      1. ActivityMonitor.jar
      2. TicketQueryChart.jar
    3. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/ReportPlugIns directory, add the following file:
      1. TicketReport.jar
  6. Reconfigure your Apache™ Tomcat™ server template file.

    WARNING: SolarWinds recommends that you configure your Tomcat server template file as instructed. Any additional modifications to the file may  result in system performance issues or errors.

    1. On your Web Help Desk server, navigate to the following directory:
      1. <WebHelpDesk>/conf 
    2. In the /conf directory, open the following file in a text editor:
      1. tomcat_server_template.xml 
    3. In the file, locate and replace all "_DHE_" substrings with the following substring:
      ECDHE_
    4. Save and close the file.
  7. Restart Web Help Desk
    Hotfix 3 is installed on your Web Help Desk server.
  8. Back up the <WebHelpDesk>/conf/tomcat_server_template.xml file to another location in case you encounter a problem.
  9. Edit the same file:
    <WebHelpDesk>/conf/tomcat_server_template.xml
  10. Look for the 2 lines saying `ciphers="****"` and replace both with the following:
    ciphers="TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_RC4_128_SHA"

For more information, contact SolarWinds Technical Support.

 

Last modified

Tags

Classifications

Public