Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Web Help Desk (WHD) > Server has a weak ephemeral Diffie-Hellman public key

Server has a weak ephemeral Diffie-Hellman public key

Created by Brendan.McHugh, last modified by MindTouch on Jun 23, 2016

Views: 50 Votes: 0 Revisions: 10

Overview

When opening Web Help Desk using Chrome or Firefox, you may receive the following browser error:

Error message - "Server has a weak ephemeral Diffie-Hellman public key

Environment

  • Web Help Desk 12.3.0
  • Web Help Desk 12.2.x
  • Web Help Desk 11.x
  • Web Help Desk 10.x

Cause 

Due to browser updates to secure against Logjam attack.

Resolution

To resolve this issue please download and install Hot Fix 3 from your Customer Portal. Below are the notes for installing HotFix 3.

This Hot Fix requires Web Help Desk v12.3.0.

NOTE: In the installation instructions, <WebHelpDesk> represents the Web Help Desk home folder. The default home folders for various operating systems are listed 

  • Apple® OS X: /Library/WebHelpDesk
  • Microsoft® Windows®: \Program Files\WebHelpDesk
  • Red Hat®/CentOS™/Fedora Linux: /usr/local/webhelpdesk

1.  Log on to Web Help Desk as an Administrator.

2.  Stop Web Help Desk.

3.  Download and unzip the Hotfix 3 ZIP file to a directory on your Web Help Desk server.

4.  Back up your existing Web Help Desk configuration files.

       a. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/lib/ directory, back up the following files to a separate directory:

          - whd-core.jar
          - whd-web.jar

       b. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/DashboardPlugIns directory, back up the following files to a separate directory:

          - ActivityMonitor.jar
          - TicketQueryChart.jar

              
       c. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/ReportPlugIns directory, back up the following file to a separate directory: 

          TicketReport.jar

       d. In the <WebHelpDesk>/conf directory, back up the following file to a  separate directory:

          tomcat_server_template.xml

5.  Install the files included with this hotfix into the appropriate directories on your Web Help Desk server. 

       a. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/lib/ directory, add the following files:

          - whd-core.jar
          - whd-web.jar

       b. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/DashboardPlugIns directory, add the following files:

          - ActivityMonitor.jar
          - TicketQueryChart.jar

              
       c. In the <WebHelpDesk>/bin/webapps/helpdesk/WEB-INF/ReportPlugIns directory, add the following file: 

          TicketReport.jar
   
6.  Reconfigure your Apache™ Tomcat™ server template file.

       WARNING: SolarWinds recommends that you configure your Tomcat server template file as instructed. Any additional modifications to the file may  result in system performance issues or errors.

           a. On your Web Help Desk server, navigate to the following directory:
              <WebHelpDesk>/conf  
           b. In the /conf directory, open the following file in a text editor:

              tomcat_server_template.xml 

           c. In the file, locate and replace all "_DHE_" substrings with the following substring:

        ECDHE_
   
   d. Save and close the file.

7.  Restart Web Help Desk.

       Hotfix 3 is installed on your Web Help Desk server.

8. Backup the file <WebHelpDesk>/conf/tomcat_server_template.xml to somewhere else just in case this does not work.

9. Edit the same file <WebHelpDesk>/conf/tomcat_server_template.xml

10. Look for the 2 lines saying `ciphers="****"` and replace both with the following:

ciphers="TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_RC4_128_SHA"

For more information, contact SolarWinds Technical Support at

www.solarwinds.net/support.

Last modified
04:47, 23 Jun 2016

Tags

Classifications

Public